www.correiodopovo.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://correiodopovo.com.br/
Effective URL:
https://www.correiodopovo.com.br/
Submission: On June 21 via api (June 21st 2023, 5:03:53 pm UTC) from US — Scanned from DE

Summary HTTP 1293 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 154 IPs in 16 countries across 121 domains to perform 1293 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.correiodopovo.com.br. The Cisco Umbrella rank of the primary domain is 521244.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 24th 2022. Valid for: a year.

This is the only time www.correiodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	189.16.116.12 189.16.116.12	4230 (CLARO S.A.) (CLARO S.A.)
135	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
9	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	95.101.148.43 95.101.148.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
6	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
126	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
1 1	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f276:e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
6	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.207.18.4 34.207.18.4	14618 (AMAZON-AES) (AMAZON-AES)
3	13.249.9.34 13.249.9.34	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
34	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	18.164.52.38 18.164.52.38	16509 (AMAZON-02) (AMAZON-02)
1	54.82.20.194 54.82.20.194	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	3.23.208.81 3.23.208.81	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2600:9000:219... 2600:9000:219c:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
10	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
11 33	2.16.202.74 2.16.202.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 9	3.64.137.20 3.64.137.20	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1	212.36.83.208 212.36.83.208	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 18	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
43	81.17.55.99 81.17.55.99	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
43	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.232.160.141 3.232.160.141	14618 (AMAZON-AES) (AMAZON-AES)
1	18.155.129.99 18.155.129.99	16509 (AMAZON-02) (AMAZON-02)
58	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
9	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
22 72	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5 5	35.214.210.61 35.214.210.61	15169 (GOOGLE) (GOOGLE)
22	146.20.132.111 146.20.132.111	27357 (RACKSPACE) (RACKSPACE)
7 8	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
5 5	54.234.180.12 54.234.180.12	14618 (AMAZON-AES) (AMAZON-AES)
29	146.20.132.167 146.20.132.167	27357 (RACKSPACE) (RACKSPACE)
1	34.234.140.75 34.234.140.75	14618 (AMAZON-AES) (AMAZON-AES)
1 7	2606:4700:10:... 2606:4700:10::ac43:8f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	95.101.148.198 95.101.148.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
6	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 7	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2 3	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
78	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 3	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
7	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
7	2a05:d018:d29... 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	3.11.176.98 3.11.176.98	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
3 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
4 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.155.101.92 54.155.101.92	16509 (AMAZON-02) (AMAZON-02)
2 2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	2600:9000:206... 2600:9000:206f:e800:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
3	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
3	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
3	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	18.155.129.96 18.155.129.96	16509 (AMAZON-02) (AMAZON-02)
17	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
4 12	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
4	194.97.158.1 194.97.158.1	5539 (SPACENET ...) (SPACENET SpaceNET AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	139.162.58.205 139.162.58.205	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	52.49.243.219 52.49.243.219	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	54.238.123.169 54.238.123.169	16509 (AMAZON-02) (AMAZON-02)
1	35.157.246.107 35.157.246.107	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
5	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	2600:9000:245... 2600:9000:2450:7000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
4 4	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	3.127.111.154 3.127.111.154	16509 (AMAZON-02) (AMAZON-02)
1 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	198.47.127.206 198.47.127.206	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 6	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	67.220.224.150 67.220.224.150	16509 (AMAZON-02) (AMAZON-02)
7	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.255.231.185 34.255.231.185	16509 (AMAZON-02) (AMAZON-02)
8	185.64.190.89 185.64.190.89	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	52.56.247.104 52.56.247.104	16509 (AMAZON-02) (AMAZON-02)
3	18.138.182.210 18.138.182.210	16509 (AMAZON-02) (AMAZON-02)
3	35.160.227.216 35.160.227.216	16509 (AMAZON-02) (AMAZON-02)
8	54.205.191.114 54.205.191.114	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:4700:20:... 2606:4700:20::ac43:494b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
11	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	52.208.166.9 52.208.166.9	16509 (AMAZON-02) (AMAZON-02)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	141.95.32.72 141.95.32.72	16276 (OVH) (OVH)
8	2600:9000:223... 2600:9000:223d:c400:19:c363:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	18.194.142.62 18.194.142.62	16509 (AMAZON-02) (AMAZON-02)
1	54.172.233.79 54.172.233.79	14618 (AMAZON-AES) (AMAZON-AES)
1	64.95.96.108 64.95.96.108	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2606:4700:20:... 2606:4700:20::ac43:4663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.77.72.186 54.77.72.186	16509 (AMAZON-02) (AMAZON-02)
1 1	141.95.171.142 141.95.171.142	() ()
2 2	146.59.148.16 146.59.148.16	() ()
1	162.55.120.196 162.55.120.196	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1293	154

14 189.16.116.12 (Porto Alegre, Brazil) 2 redirects

ASN4230 (CLARO S.A., BR)

correiodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal.correiodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

135 179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)

www.correiodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.148.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-43.deploy.static.akamaitechnologies.com

assets.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms-media-api.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
barra.r7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.cmp.tail.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

126 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

tagmanager.alright.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.207.18.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-18-4.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.9.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-34.cdg53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.52.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-38.cdg50.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.20.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-20-194.compute-1.amazonaws.com

paywall.correiodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.23.208.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-208-81.us-east-2.compute.amazonaws.com

receiver.posclick.dinamize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2.16.202.74 (Frankfurt am Main, Germany) 11 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-74.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.64.137.20 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-137-20.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.208 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.160.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-160-141.compute-1.amazonaws.com

digital2.correiodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-99.cdg52.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 142.250.186.34 (United States) 22 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.214.210.61 (Groningen, Netherlands) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 61.210.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 146.20.132.111 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:678:cb4:bbbb::11 (United Kingdom) 7 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.234.180.12 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-180-12.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 146.20.132.167 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:8f4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.retargetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.102.35.84 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Grenzach-Wyhlen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidanalytics.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.176.98 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.101.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-101-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

retargetly-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:e800:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-96.cdg52.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.102.45.165 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.97.158.1 (Coburg, Germany)

ASN5539 (SPACENET SpaceNET AG, DE)
PTR: sammelfrontend.pl2.spacenet.de

www.more-and-more.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.58.205 (Singapore) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1471-205.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Bad Durrheim, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.166 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.243.219 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-243-219.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.100 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.238.123.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-123-169.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.246.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-107.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.17.21 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.204.74.118 (Groningen, Netherlands) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2450:7000:1b:5138:8a40:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.174.117 (United Kingdom) 6 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.111.154 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-111-154.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.206 (United States)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.224.150 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.231.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-231-185.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.247.104 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-247-104.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.138.182.210 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-182-210.ap-southeast-1.compute.amazonaws.com

vid-io-sin.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.160.227.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-227-216.us-west-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.205.191.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-191-114.compute-1.amazonaws.com

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:494b (United States)

ASN13335 (CLOUDFLARENET, US)

plugins.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
correiodopovo.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.208.166.9 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-166-9.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.32.72 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223d:c400:19:c363:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.142.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-142-62.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.233.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-233-79.compute-1.amazonaws.com

api.soclminer.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4663 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.socialminer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.77.72.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.142 (None, ) 1 redirects

ASN- ()

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (None, ) 2 redirects

ASN- ()

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (None, )

ASN- ()

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
201	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ade.googlesyndication.com — Cisco Umbrella Rank: 321	1 MB
151	correiodopovo.com.br 2 redirects correiodopovo.com.br — Cisco Umbrella Rank: 504318 www.correiodopovo.com.br — Cisco Umbrella Rank: 521244 portal.correiodopovo.com.br paywall.correiodopovo.com.br digital2.correiodopovo.com.br	2 MB
139	doubleclick.net 24 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184 static.doubleclick.net — Cisco Umbrella Rank: 349 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 730239 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	601 KB
78	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	3 MB
70	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 22932 v.lkqd.net — Cisco Umbrella Rank: 16686 cs.lkqd.net — Cisco Umbrella Rank: 3616 t.lkqd.net — Cisco Umbrella Rank: 18760	286 KB
56	rubiconproject.com 8 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381 fastlane.rubiconproject.com — Cisco Umbrella Rank: 543 eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4881	29 KB
55	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 822 vpaid.pubmatic.com — Cisco Umbrella Rank: 5210 ads.pubmatic.com — Cisco Umbrella Rank: 547 vid.pubmatic.com — Cisco Umbrella Rank: 7866 image2.pubmatic.com — Cisco Umbrella Rank: 1020 simage2.pubmatic.com — Cisco Umbrella Rank: 761 Failed st.pubmatic.com — Cisco Umbrella Rank: 1133	300 KB
49	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1488 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615 sync.smartadserver.com — Cisco Umbrella Rank: 1588 ssbsync.smartadserver.com — Cisco Umbrella Rank: 867	26 KB
48	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 949 c2.taboola.com — Cisco Umbrella Rank: 9232 pm-widget.taboola.com — Cisco Umbrella Rank: 4879 nr-events.taboola.com — Cisco Umbrella Rank: 10910 trc.taboola.com — Cisco Umbrella Rank: 650 vidstat.taboola.com — Cisco Umbrella Rank: 2894 am-trc-events.taboola.com — Cisco Umbrella Rank: 12637 images.taboola.com — Cisco Umbrella Rank: 2011 imprammp.taboola.com — Cisco Umbrella Rank: 12368 am-match.taboola.com — Cisco Umbrella Rank: 12411 wf.taboola.com — Cisco Umbrella Rank: 2926 am-vid-events.taboola.com — Cisco Umbrella Rank: 11638 vidstatb.taboola.com — Cisco Umbrella Rank: 5236 pips.taboola.com — Cisco Umbrella Rank: 1621 cds.taboola.com — Cisco Umbrella Rank: 1928 vidanalytics.taboola.com — Cisco Umbrella Rank: 16210	2 MB
41	stickyadstv.com 11 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 617 cdn.stickyadstv.com — Cisco Umbrella Rank: 4978	577 KB
36	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 39899 hal900014.redintelligence.net — Cisco Umbrella Rank: 402358 hal900012.redintelligence.net — Cisco Umbrella Rank: 441248 hal90006.redintelligence.net — Cisco Umbrella Rank: 371035 hal900013.redintelligence.net — Cisco Umbrella Rank: 415834 hal90003.redintelligence.net — Cisco Umbrella Rank: 306018	472 KB
35	google.com apis.google.com — Cisco Umbrella Rank: 191 accounts.google.com — Cisco Umbrella Rank: 59 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	303 KB
26	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 249 secure.adnxs.com — Cisco Umbrella Rank: 476 acdn.adnxs.com — Cisco Umbrella Rank: 611	123 KB
25	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com	314 KB
24	springserve.com vpaid.springserve.com — Cisco Umbrella Rank: 11263 vid-io-sin.springserve.com — Cisco Umbrella Rank: 9783 vid-io-cle.springserve.com — Cisco Umbrella Rank: 9672 vid-io-iad.springserve.com — Cisco Umbrella Rank: 8481 vid-io-dub.springserve.com — Cisco Umbrella Rank: 9999	367 KB
19	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422 jnn-pa.googleapis.com — Cisco Umbrella Rank: 279	69 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 97	1 MB
18	denakop.com tags.denakop.com — Cisco Umbrella Rank: 210147 cpm.denakop.com — Cisco Umbrella Rank: 228867	126 KB
15	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	1019 KB
14	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1303 ups.analytics.yahoo.com — Cisco Umbrella Rank: 340 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	5 KB
12	awin1.com 4 redirects www.awin1.com — Cisco Umbrella Rank: 16217	8 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	670 KB
11	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 337 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032	6 KB
11	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 70940 d.tailtarget.com — Cisco Umbrella Rank: 82769 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 263503 b.t.tailtarget.com — Cisco Umbrella Rank: 50198 cm.t.tailtarget.com — Cisco Umbrella Rank: 9264 t.tailtarget.com — Cisco Umbrella Rank: 8461	65 KB
9	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	3 KB
9	webspectator.com wfpscripts.webspectator.com — Cisco Umbrella Rank: 181576 webservices.webspectator.com — Cisco Umbrella Rank: 157658 msgws.webspectator.com — Cisco Umbrella Rank: 269956 cdn.webspectator.com — Cisco Umbrella Rank: 587488	51 KB
8	turn.com 7 redirects ad.turn.com — Cisco Umbrella Rank: 1039 r.turn.com — Cisco Umbrella Rank: 3929	3 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1007 t.clarity.ms — Cisco Umbrella Rank: 8445 c.clarity.ms — Cisco Umbrella Rank: 1573	28 KB
8	teads.tv 2 redirects a.teads.tv — Cisco Umbrella Rank: 1495 sync.teads.tv — Cisco Umbrella Rank: 1404	1 KB
7	soclminer.com.br plugins.soclminer.com.br — Cisco Umbrella Rank: 156034 api.soclminer.com.br — Cisco Umbrella Rank: 93869 correiodopovo.soclminer.com.br	232 KB
7	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	2 KB
7	retargetly.com 1 redirects api.retargetly.com — Cisco Umbrella Rank: 6661 app.retargetly.com — Cisco Umbrella Rank: 23344	8 KB
7	google.de www.google.de — Cisco Umbrella Rank: 4835	882 B
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	289 KB
6	r7.com assets.r7.com — Cisco Umbrella Rank: 722039 cms-media-api.r7.com — Cisco Umbrella Rank: 303539 barra.r7.com — Cisco Umbrella Rank: 378877	19 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 602	3 KB
5	simpli.fi 4 redirects um.simpli.fi — Cisco Umbrella Rank: 976	3 KB
5	openx.net us-u.openx.net — Cisco Umbrella Rank: 492 rtb.openx.net — Cisco Umbrella Rank: 1042 vidoomy-d.openx.net — Cisco Umbrella Rank: 40086	931 B
5	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1145 sync.mathtag.com — Cisco Umbrella Rank: 566	3 KB
5	stackadapt.com 5 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 792	2 KB
5	loopme.me 5 redirects csync.loopme.me — Cisco Umbrella Rank: 1024	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	4 KB
5	criteo.com gum.criteo.com — Cisco Umbrella Rank: 407 dis.criteo.com — Cisco Umbrella Rank: 601	1 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	218 B
5	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 30435 usr.navdmp.com — Cisco Umbrella Rank: 37976 cdn.navdmp.com — Cisco Umbrella Rank: 7568 sync2.navdmp.com — Cisco Umbrella Rank: 62405	6 KB
4	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	2 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 618	3 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	2 KB
4	more-and-more.de www.more-and-more.de — Cisco Umbrella Rank: 285448	5 KB
4	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1215 pixel.quantserve.com — Cisco Umbrella Rank: 977 cms.quantserve.com — Cisco Umbrella Rank: 846	10 KB
3	socialminer.com 1 redirects static.socialminer.com — Cisco Umbrella Rank: 212277	8 KB
3	smaato.net 3 redirects s.ad.smaato.net — Cisco Umbrella Rank: 805	1 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2458	1 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	871 B
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	2 KB
3	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1089	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 21204 api.webgains.io — Cisco Umbrella Rank: 51885	32 KB
3	dotomi.com retargetly-match.dotomi.com — Cisco Umbrella Rank: 29658 dclk-match.dotomi.com — Cisco Umbrella Rank: 3231 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4315	310 B
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 952 sync.crwdcntrl.net — Cisco Umbrella Rank: 948	628 B
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 53229 medialead.de — Cisco Umbrella Rank: 52979	912 B
3	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	2 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 959 syndication.twitter.com — Cisco Umbrella Rank: 1131	132 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
2	onaudience.com 2 redirects pixel-eu.onaudience.com	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1332	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 933	2 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	802 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	1 KB
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2846	1 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8176	87 B
2	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44520 ipac.ctnsnet.com — Cisco Umbrella Rank: 6665	925 B
2	appier.net 2 redirects a.c.appier.net — Cisco Umbrella Rank: 16506	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6896	909 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	374 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 513	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 135629	6 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 6081	750 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 28670	1 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 8765 www.instagram.com — Cisco Umbrella Rank: 1451	20 KB
2	alright.network tagmanager.alright.network — Cisco Umbrella Rank: 451229	149 KB
2	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 24257 a.vidoomy.com — Cisco Umbrella Rank: 2680	6 KB
1	playground.xyz 1 redirects ads.playground.xyz	463 B
1	truffle.bid matching.truffle.bid
1	erne.co 1 redirects green.erne.co	412 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3053	308 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7132	279 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1615	283 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3612	352 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 3222	439 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 648	655 B
1	adform.net c1.adform.net — Cisco Umbrella Rank: 635	600 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 246	742 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 408	650 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12226	233 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572	359 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1091	1 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 434	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1487	708 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57739	438 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 653	218 B
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1359	432 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 35620	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 192473	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 191967	931 B
1	tchibo.de tagm.tchibo.de — Cisco Umbrella Rank: 33517	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 252	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	39 KB
1	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 32478	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	610 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1141	630 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	1 KB
1	dinamize.com receiver.posclick.dinamize.com — Cisco Umbrella Rank: 600392	25 KB
1	tail.digital tags.cmp.tail.digital	35 KB
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	exelator.com Failed loada.exelator.com Failed
0	audrte.com Failed a.audrte.com Failed
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
0	fksnk.com Failed fksnk.com Failed
1293	121

	Domain	Requested by
135	www.correiodopovo.com.br	www.correiodopovo.com.br
126	pagead2.googlesyndication.com	www.correiodopovo.com.br pagead2.googlesyndication.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
78	s0.2mdn.net	www.correiodopovo.com.br s0.2mdn.net
72	cm.g.doubleclick.net	22 redirects googleads.g.doubleclick.net 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com www.correiodopovo.com.br eus.rubiconproject.com
58	tpc.googlesyndication.com	securepubads.g.doubleclick.net 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com www.correiodopovo.com.br googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
43	fastlane.rubiconproject.com	tags.denakop.com
43	prg.smartadserver.com	tags.denakop.com
33	ads.stickyadstv.com	11 redirects www.correiodopovo.com.br googleads.g.doubleclick.net ad.lkqd.net cdn.stickyadstv.com
31	googleads.g.doubleclick.net	pagead2.googlesyndication.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com www.googletagmanager.com www.youtube.com
29	t.lkqd.net	ad.lkqd.net
22	cs.lkqd.net	ad.lkqd.net
20	hal9000.redintelligence.net	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com hal900014.redintelligence.net hal900012.redintelligence.net hal900013.redintelligence.net hal90003.redintelligence.net hal90006.redintelligence.net
18	ib.adnxs.com	2 redirects tags.denakop.com googleads.g.doubleclick.net acdn.adnxs.com
18	www.youtube.com	www.correiodopovo.com.br apis.google.com www.youtube.com
18	securepubads.g.doubleclick.net	www.correiodopovo.com.br securepubads.g.doubleclick.net www.googletagservices.com
16	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
15	www.googletagmanager.com	www.correiodopovo.com.br tags.denakop.com www.googletagmanager.com paywall.correiodopovo.com.br tags.t.tailtarget.com adv.office-partner.de
14	www.google.com	www.correiodopovo.com.br www.youtube.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com tpc.googlesyndication.com
13	tags.denakop.com	www.correiodopovo.com.br
12	www.awin1.com	4 redirects 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
12	googleads4.g.doubleclick.net	www.correiodopovo.com.br
12	www.googletagservices.com	securepubads.g.doubleclick.net 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
12	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
12	portal.correiodopovo.com.br	www.correiodopovo.com.br
11	simage2.pubmatic.com	ads.pubmatic.com
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com www.correiodopovo.com.br
10	ad.lkqd.net	www.correiodopovo.com.br ad.lkqd.net
10	apis.google.com	www.correiodopovo.com.br apis.google.com accounts.google.com www.youtube.com
9	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
9	v.lkqd.net	ad.lkqd.net
9	x.bidswitch.net	8 redirects am-match.taboola.com
9	cdn.taboola.com	www.correiodopovo.com.br cdn.taboola.com
9	fonts.googleapis.com	www.correiodopovo.com.br securepubads.g.doubleclick.net hal900014.redintelligence.net hal900012.redintelligence.net hal900013.redintelligence.net hal90003.redintelligence.net hal90006.redintelligence.net
8	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
8	vid-io-iad.springserve.com	www.correiodopovo.com.br
8	st.pubmatic.com	www.correiodopovo.com.br
8	vpaid.pubmatic.com	vpaid.springserve.com blank
8	image6.pubmatic.com	4 redirects ads.pubmatic.com
7	image2.pubmatic.com	ads.pubmatic.com
7	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com eus.rubiconproject.com ads.pubmatic.com
7	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com api.retargetly.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com eus.rubiconproject.com ads.pubmatic.com
7	sync.teads.tv	2 redirects googleads.g.doubleclick.net api.retargetly.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
7	ad.turn.com	7 redirects
7	www.google.de	www.correiodopovo.com.br
6	vid-io-dub.springserve.com
6	s.amazon-adsystem.com	1 redirects eus.rubiconproject.com
6	ups.analytics.yahoo.com	www.correiodopovo.com.br googleads.g.doubleclick.net imprammp.taboola.com am-match.taboola.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com ads.pubmatic.com
6	am-trc-events.taboola.com	cdn.taboola.com www.correiodopovo.com.br
6	ajax.googleapis.com	webservices.webspectator.com s0.2mdn.net
6	pixel.rubiconproject.com	4 redirects www.correiodopovo.com.br eus.rubiconproject.com
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
6	ssl.gstatic.com	accounts.google.com www.correiodopovo.com.br
6	connect.facebook.net	www.correiodopovo.com.br connect.facebook.net plugins.soclminer.com.br
5	ade.googlesyndication.com
5	match.prod.bidr.io	5 redirects
5	plugins.soclminer.com.br	www.correiodopovo.com.br plugins.soclminer.com.br correiodopovo.soclminer.com.br
5	aax-eu.amazon-adsystem.com	3 redirects eus.rubiconproject.com ads.pubmatic.com
5	um.simpli.fi	4 redirects ads.pubmatic.com
5	acdn.adnxs.com	tags.denakop.com
5	images.taboola.com	www.correiodopovo.com.br
5	sync.srv.stackadapt.com	5 redirects ad.lkqd.net
5	csync.loopme.me	5 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cpm.denakop.com	tags.denakop.com
5	www.facebook.com	www.correiodopovo.com.br connect.facebook.net
5	accounts.google.com	apis.google.com www.correiodopovo.com.br www.gstatic.com
5	wfpscripts.webspectator.com	www.correiodopovo.com.br webservices.webspectator.com
4	token.rubiconproject.com	4 redirects
4	vid.pubmatic.com	vpaid.pubmatic.com
4	eb2.3lift.com	4 redirects
4	sync.1rx.io	4 redirects
4	www.more-and-more.de	hal900012.redintelligence.net hal900013.redintelligence.net hal90003.redintelligence.net hal90006.redintelligence.net
4	vpaid.springserve.com	ad.lkqd.net
4	app.retargetly.com	api.retargetly.com
4	hal900014.redintelligence.net	1 redirects 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com hal900014.redintelligence.net
4	jnn-pa.googleapis.com	www.youtube.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	t.clarity.ms	www.clarity.ms
4	assets.r7.com	www.correiodopovo.com.br assets.r7.com
3	static.socialminer.com	1 redirects plugins.soclminer.com.br
3	vid-io-cle.springserve.com	www.correiodopovo.com.br
3	vid-io-sin.springserve.com	www.correiodopovo.com.br
3	s.ad.smaato.net	3 redirects
3	a.tribalfusion.com	1 redirects 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com ads.pubmatic.com
3	match.360yield.com	3 redirects
3	d5p.de17a.com	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	sync.go.sonobi.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
3	hal90003.redintelligence.net	hal9000.redintelligence.net hal90003.redintelligence.net
3	hal900013.redintelligence.net	hal9000.redintelligence.net hal900013.redintelligence.net
3	hal90006.redintelligence.net	hal9000.redintelligence.net hal90006.redintelligence.net
3	hal900012.redintelligence.net	hal9000.redintelligence.net hal900012.redintelligence.net
3	secure.adnxs.com	3 redirects
3	rtb-csync.smartadserver.com	1 redirects googleads.g.doubleclick.net
3	sync.search.spotxchange.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	accounts.google.com www.youtube.com www.gstatic.com
3	pixel.mathtag.com	www.correiodopovo.com.br api.retargetly.com
3	api.retargetly.com	1 redirects wfpscripts.webspectator.com api.retargetly.com
3	d.tailtarget.com	www.correiodopovo.com.br d.tailtarget.com
3	gum.criteo.com	cdn.taboola.com tags.denakop.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.correiodopovo.com.br
3	sb.scorecardresearch.com	wfpscripts.webspectator.com www.correiodopovo.com.br
2	pixel-eu.onaudience.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	c.clarity.ms	1 redirects
2	api.webgains.io	analytics.webgains.io
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	dis.criteo.com	ads.pubmatic.com 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
2	sync.mathtag.com	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	p.rfihub.com	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	rtb.openx.net	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
2	sync.targeting.unrulymedia.com	2 redirects
2	cms.quantserve.com	1 redirects 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
2	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com
2	match.adsby.bidtheatre.com	2 redirects
2	cc.adingo.jp	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
2	a.c.appier.net	2 redirects
2	ads.travelaudience.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	pixel-sync.sitescout.com	api.retargetly.com ads.pubmatic.com
2	pixel.tapad.com	1 redirects api.retargetly.com
2	8019191.fls.doubleclick.net	1 redirects www.correiodopovo.com.br
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	hal900014.redintelligence.net 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
2	b.t.tailtarget.com	d.tailtarget.com
2	am-vid-events.taboola.com	www.correiodopovo.com.br
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	tt-9964-3.seg.t.tailtarget.com	www.correiodopovo.com.br d.tailtarget.com
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	1 redirects www.correiodopovo.com.br
2	trc.taboola.com	cdn.taboola.com
2	nr-events.taboola.com	c2.taboola.com www.correiodopovo.com.br
2	pool.admedo.com	2 redirects
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	tags.t.tailtarget.com	www.correiodopovo.com.br
2	platform.twitter.com	www.correiodopovo.com.br platform.twitter.com
2	stg.truvidplayer.com	www.correiodopovo.com.br go.trvdp.com
2	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
2	tag.navdmp.com	www.correiodopovo.com.br tag.navdmp.com
2	www.clarity.ms	www.correiodopovo.com.br www.clarity.ms
2	tagmanager.alright.network	www.correiodopovo.com.br tagmanager.alright.network
2	correiodopovo.com.br	2 redirects
1	correiodopovo.soclminer.com.br	plugins.soclminer.com.br
1	ads.playground.xyz	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	green.erne.co	1 redirects
1	ad.mrtnsvr.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	api.soclminer.com.br	plugins.soclminer.com.br
1	vidoomy-d.openx.net	ad.lkqd.net
1	optimized-by.rubiconproject.com	ad.lkqd.net
1	vidanalytics.taboola.com	vidstat.taboola.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ws.rqtrk.eu	1 redirects
1	mwzeom.zeotap.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	c1.adform.net	ads.pubmatic.com
1	cdn.webspectator.com	wfpscripts.webspectator.com
1	c.bing.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	t.tailtarget.com	www.correiodopovo.com.br
1	ssbsync.smartadserver.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	r.turn.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	cm.t.tailtarget.com	www.correiodopovo.com.br
1	ssum-sec.casalemedia.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	rtb2-useast.e-volution.ai	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	s.tribalfusion.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	match.sharethrough.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	id5-sync.com	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	vidstatb.taboola.com	www.correiodopovo.com.br
1	cdn.track.production.webgains.team	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	retargetly-match.dotomi.com	api.retargetly.com
1	bcp.crwdcntrl.net	api.retargetly.com
1	tags.bluekai.com	api.retargetly.com
1	cm.mgid.com	api.retargetly.com
1	medialead.de	1 redirects
1	track.webgains.com	www.correiodopovo.com.br
1	futalis.de	hal900014.redintelligence.net
1	adv.office-partner.de	hal900014.redintelligence.net
1	tagm.tchibo.de	www.correiodopovo.com.br
1	imprammp.taboola.com	vidstat.taboola.com
1	barra.r7.com	www.correiodopovo.com.br
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cms.analytics.yahoo.com	1 redirects
1	sync2.navdmp.com	www.correiodopovo.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	cms-media-api.r7.com	assets.r7.com
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	usr.navdmp.com	tag.navdmp.com
1	pixel.quantserve.com	www.correiodopovo.com.br
1	go.trvdp.com	stg.truvidplayer.com
1	digital2.correiodopovo.com.br	portal.correiodopovo.com.br
1	a.vidoomy.com	www.correiodopovo.com.br
1	syndication.twitter.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.jsdelivr.net	tagmanager.alright.network
1	receiver.posclick.dinamize.com	www.googletagmanager.com
1	paywall.correiodopovo.com.br	www.correiodopovo.com.br
1	c2.taboola.com	www.correiodopovo.com.br
1	secure.quantserve.com	wfpscripts.webspectator.com
1	www.instagram.com	www.correiodopovo.com.br
1	platform.instagram.com	1 redirects
1	a.teads.tv	www.correiodopovo.com.br
1	tags.cmp.tail.digital	www.correiodopovo.com.br
1	ads.vidoomy.com	www.correiodopovo.com.br
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	loada.exelator.com Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cs.chocolateplatform.com Failed	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
0	fksnk.com Failed	0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
1293	227

This site contains links to these domains. Also see Links.

Domain
lp.correiodopovo.com.br
portal.correiodopovo.com.br
digital.correiodopovo.com.br
leitor.correiodopovo.com.br
ejcj.cpovo.net
outlook.office.com
minhaconta.correiodopovo.com.br
guaiba.com.br
www.recordtvrs.com.br
www.r7.com
www.linkedin.com
www.instagram.com
www.facebook.com
www.youtube.com
twitter.com
www.enpal.de
www.mdm.de
breariancounstone.com
popup.taboola.com

Subject Issuer	Validity	Valid
*.correiodopovo.com.br Go Daddy Secure Certificate Authority - G2	`2022-06-24` - `2023-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.r7.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-05` - `2023-11-08`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.cmp.tail.digital AlphaSSL CA - SHA256 - G4	`2023-02-24` - `2024-03-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
*.alright.network Amazon RSA 2048 M01	`2023-05-28` - `2024-06-25`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-07-11`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-31` - `2023-06-29`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
receiver.posclick.dinamize.com R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
ad.lkqd.net R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.retargetly.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-30` - `2023-12-23`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
tagm.tchibo.de GeoTrust RSA CA 2018	`2022-10-12` - `2023-10-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.futalis.de R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.springserve.com Amazon RSA 2048 M02	`2023-03-01` - `2024-03-29`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.more-and-more.de Sectigo RSA Domain Validation Secure Server CA	`2023-01-26` - `2024-02-26`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
soclminer.com.br GTS CA 1P5	`2023-05-25` - `2023-08-23`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-09` - `2024-02-09`	a year	crt.sh
*.soclminer.com.br AlphaSSL CA - SHA256 - G2	`2022-10-14` - `2023-11-15`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
socialminer.com GTS CA 1P5	`2023-05-25` - `2023-08-23`	3 months	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh

This page contains 148 frames:

Primary Page: https://www.correiodopovo.com.br/
Frame ID: 254B24E4DE12C9EC22B965A8F0FBCC20
Requests: 487 HTTP requests in this frame

Frame: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Frame ID: AEA714C4AAE25691D31F4ED1610860C5
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: 86446EBA2C8A6BCC6E2FB7CB5E4310DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html
Frame ID: 65142CC072FA0EB0F0582F09E8BE9109
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: D402EBF1560F90ABBF724F2951C4C395
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Frame ID: 5A4415769841DCCD27BBEBFC33E21650
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1687367020&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A144%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_r&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687367020038&bpp=5&bdt=663&idt=363&shv=r20230615&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=836355340348&frm=20&pv=2&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31075054%2C31075473%2C44788442%2C44794790%2C44789818&oid=2&pvsid=227302566722832&tmod=501397093&uas=0&nvt=1&fsapi=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393
Frame ID: 132431966AC76C3946ADC430B7D98F11
Requests: 1 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDC174770D227342797C76F30928EED6
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 4601F80CA932272E2D25FC33A66A5215
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 3A3FEFA645C5FBA6A685B30BE306393B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBrL69BWwSS0w0ZIXWL9alG0uEA98vVDzdfrq8sptye_fXtYQAGTGxLx9WsWrQqNmDT8BQ5whdnVyTwizPCQT_Oiv4yqawcd19PiOOjWAsA4lHFr1uK-4JkQTJ9m1YWDesB4QDNqzbny1l_Rajgw0hAQZKC-BMB8eM1aIHqw1BTryL9CMG_FEm0WyVuJDka3rVAeTfVKK9Dc4DfNNmwDa2_AJbXQ4KO3z6PYyLcE4wUQdw4RKaEGTpg2UQQzNEkOXHMLusoJb1qL7xNnkvN2jtqNwpI2rOMMJddTjfmz10GmGTc2hsXJY3j7rvPAkYS9sZzeqs5Si5bDP8YA&sai=AMfl-YRv_gXENshHrohhMMBeZvX8vqv7BVt2ligpUWgdyaKJuUOZIcxa9RjbMnC9pjgrQq1aTiloYNexo1E7rrWydEDm9PDeibbKHpC0Qohs0cM&sig=Cg0ArKJSzDiLTamO38KSEAE&uach_m=[UACH]&adurl=
Frame ID: 860108193A8BCDD825FD650FF3AB263C
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Frame ID: 05B0CCEBAA1607C719AB4C32317D76F0
Requests: 21 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CEAF9AA3ADA4952C18F61B3D6DD8D1CD
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1B5DF24336D6898625140E8D2BDD879B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNW1WKZsZQNvFcnTKGF_juNMtW707K66KJwjhw_UezI6XzUmHwnCDmAkxWjJbDFnchr-SJ-VQmIEtItM2C_Yla4pk2u3Wxe07Yb2X-n0IV_g_w_5dEfGfY0M-u1ccxn7s740eJRtjknVX8Rgxh5jDJI833rcd4-x0zSccr_dS-BgiNflS6I
Frame ID: 23D43D5804543FBD5D14C8896312D06E
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9A89C4A7B0E0D74EFCC890DC7E7A7F6A
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 76BCC74CE5D347FBA7609E41AE915252
Requests: 6 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 864CB639630802907152DBFB424D6B5C
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 5634329E9DEE802A43CCEB3A20040F79
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C1C53D9102E29B16E996B834E3192F9E
Requests: 4 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 55BB5D4EF8AFBDB40057B0D33ADF8CE3
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A39C4557CEA35290A5279A838B727A49
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: DACBFBE67D7D00A2FC940E6F65D9FDEA
Requests: 3 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D449BC8A7F572FBFE1BD5C4306C83D12
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw
Frame ID: 7A1BF40D652F7EE6EC8196BEA0E18B1E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWiHXq6dMXf10ofspJyX5YcngtUMLymqX8WyUVcO5rq1mNCpp_9mQL5T4V-tLwxgF6ciqA7LQut3-qqOmu-x8vdUbW2YMmssdyXdYvpE-OwKsLXrUbhy8hN2zUJbOb67ib7vHGdXgQ-hXDv_dB08fkZFgx20KxxgfiNaygjufh2dNgnoxk
Frame ID: 8469956AA2A3B937AD1C719E0A83A23E
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwviimws6y95H79MmvdVl2lGj4XUvJElVaZLWAbMmadFUMmz7PLRAapoDdMXwSDm8F616cc_M_rcWY6PAqiocF8oyB6rnSWvOtHGGPjk5fd8Msbvaa30RM4Sw2LCldjMWbBU9TvS6VJOzt53hCbWHe6Yqm7hu712WAdFE4FtOeCA2k34Jh7QCTpvwpzH6E7UrkYW218XRhL3PSqye27Ogw_WRzmCznXW0Km4GIl6fsxvEKF9yGicnz_xB_ZTl73xGxaKM5eAPA2lg9qrA4mpHg1Zj-bf4QSycFeyYeTaykDUXmJGaR9YNFNFPSoCD2sS8BqZPpiau6eM7cdwJ8CqE&sai=AMfl-YTdjB4PaJKC4aIEmn_AOCzCCOaEryM84qBEY4MgJOCKjSa9Y-P4UgqMPuwPv6k60dG98gYLf0SRJgMWoGDI3JLBNWWrUQ9xGvG0xiDR7HNWJKdzZCXuH1mRohsU1g&sig=Cg0ArKJSzFhSy7AXdAl7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 65AEED6CDC43317F8647BE7DF588B7DD
Requests: 1 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F72FB199C3718BBE6D70FE1DE3C33AE
Requests: 17 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1ABD8DAB08CD882412CDF566C2F0FAF0
Requests: 17 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C65C67ECD931981335F1138076227AED
Requests: 18 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5AEE7F4ECDA10056207F54095AC56018
Requests: 18 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BAF1D824FF7F024FD9E3259079ECA0B8
Requests: 6 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2EA999CE8D15A72BF7B055A17177F85E
Requests: 20 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B9EE88D70B35B6826B2ED7BB5B92458
Requests: 19 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4B6CE03194FCB53FD0B92B77E6CB8A2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXA_D9gQAyc6pI8JEufH-B2aGZehIAUhptSi5q_uFpORkXCZERL_ja4tvqtbL_iKBwrq8qKff7704Q6qXnNozMnkQQl6KtB3FfWFr5p1yRynMj8ibIBvds2fG8QF9rRICwopIYE2qlvfhaniD2W8EqUcvbl2l_meNuEfxFBltB8QW1freU
Frame ID: C35C97E5FAB7FFA2FB1811A1419F8F3F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW5X7pexvBIUFOw7xg8NMbUeyhnaKhXEk77k0_bFJgL02-JQt6I6yHeACtZZr-IvAOO0TdlHrA1FIWlK6f_OeANWvpE0YQSx-CxhmgygT-r-Fo83c3OgGFLXPKf4CUr7FhxrnHsu1LkEoCWuoroV3wyym2cKxMSUm1HcMSJYS_uwmDimK0
Frame ID: D713B982CD8D847B81E3E3AB063C5D61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW2LA-vYDIcBwdjZbYvu04aNdf5wQfP-VZF8RAQYbFHf-c-DmCbXS3lFBEw9hIhZKVw9eQ5DcJqPdbLi3SH6DKX16TQLYWnGadRlCHfiiix98-N0d2iOlp0YRj1suzvzsMA0Xsle0-O_BRQG8sO0ioC3R-3SQx4-9r2WXuaYCATRO4Xe6Q
Frame ID: 005A0484442D92BC0AECD6E012A1EEEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXY3foyET_O2uvG3clqs76Th8O34pN7AIOFEpQEgE1oRpg_C17YkusuzRJnKeXydZYpR9B8AFGf-fOmn3UeBOgu_vUPNX-BiAmilVT1nYAfotqNMmce6O7Fy_eouUDAx9p8B5WMS5DyC1rLC4v3d6NXNwo3GMR42yujtuTVnA3f5a662hk
Frame ID: CF054146E9248A1894073292C658FB40
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 540007BA8425053AC210CF580299811E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8922A6713CBBA6411D219FE81AA869BD
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=undefined&cb=1687367022530&uv=3288&tms=1687367022530&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=c1ba1496-90da-4856-87cb-e5fe617a1d88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 57177C9099A2A44F712CF634071BB9F7
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: ED14BC5AA3F90A1E9D6768A65439726A
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto3n9feTRs6TWN4MJvoaFyxW54ieRYSfF2nMqMXfT1qMdWWr1WlVAlJig7OkmGjR2WbZE02eHNAeC5crE9h6K2MqVNuQE-5p9AUQgX1k8af6QGhp3d_RIy0lCPNLUpFAAUHCKxYNsEUl6ThxxXDAS4rEElrF23k4ocBbR4ghCm5cguUg9nZxKBl-ZgQth8X4r7oGFE15107q1tgScJqmuvvqd4PMx6WzBli3x4L7BPmz9tCWa7ooxTUpWpCzsxajp63buU47xHABQGoma4IzWkC2yBkLb2MHY0fzKtC7YnJQyXB1DyJy2UF81sJvrisk4k-xgMyg&sai=AMfl-YRhJwxGI2TeKeMBhf_Wk1zXfb14jM5IQ7cx34XMwlM6Uk6UKofTCj3vgQ0dY_h5ggus1EsBbujsPaEYk98nstwOX6gNBIaBkxkgKDNcGN1HadVt2lujuifpSvwzNQ&sig=Cg0ArKJSzM2tNwFQreK1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9B8547FD7E3ECAF52D20479D9A02377A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWub_Fl1tWKqxUFgAFyy5_iHS5fRZJpC9ngvO7RcGyUfR_7oYQmrxSxzkoHHPOsOFGU-fDAbR-cVTKQz7E-ZJ4T7eIduaF13w4Hn8IEIQkTLpkAv5pUcsSNmmf7arxdKCz0a5fPVA_knS_TOhEZt4Kt2aXGBc2VFsS5Fwv1uSF5uT_ATNuIxs05VXS45u5pdODD5zz9x6Sb6HA2Ls-N9KYstBBBxA
Frame ID: B01EF2DF9BDBEC171FD1AF884E88410C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNW1djo7qBWqGf21_7hyL8cD_gAR7rH5h_E1tXiCUDiU6SskqyaIs6UhdwPmmVz0ovsQVl9HkyGnLijurf73LroFG62sG2uatAbMx1_69enARnmRXRn6qEyG7TS8bxhwJkp9Qxd_Wvw9SEHj5aQ3iwQ6Fwf78fFPBR5YFtPZ0knbmW1aAZwIO-rWDNVYHWTiZp3ANkv4vRC2LrM51t8-NWNxGvZseg
Frame ID: 73CE4E779795B6AD6D3F9F3F2E5735F6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWYmgpO-bnZEK-7ApZZO0nCH0_q56W2yuWuvQSx689e9GaJtLW11Gu8r7KcKuh31EqDhHOW2lAcuyy5-BmFvUFmtuZfu1WJhL8GQMVPs4Uso_rBYPu0rsoFSJ080e4CeVy4An4fW9XjrDo_8xI_0ivo1nncAlBe7T2J0Q-HAQ3HsEoMpBBZwyY0aBRoUYsjSxJUOsGnmQNB3uFi1C5viwgxqlA4iQ
Frame ID: F6C3C0BFAC75CA53083DC00EA613FD6E
Requests: 3 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Frame ID: B6F1772693990684FC40AAA65E1FD6EA
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
Frame ID: DD83CC4A69A062CD0AD968516071E4D1
Requests: 4 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 51650611A41C72EAEDDC98EF1A4233A7
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: BC45C232AD839D43A5C4B98A5BA3E128
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007
Frame ID: F6F484D692D3477F87E5C7AE11F520C8
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007
Frame ID: AA906F1F0970708C4F66A2A320F0947A
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Frame ID: 773C474C6799E40C2012503FD0150F5B
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
Frame ID: 7D5DA84367315283185135308A87B42D
Requests: 17 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: BA5BCD786B4D5FD304F1D87F5D74E5FB
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
Frame ID: 6003FA7A598CA22EC3A8B15B81F57B9D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53F8768DD344CDC6BC354F021933C99F
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F5B3E0C57138C5D5FA51234152803966
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99C332396681EB88BBF01FDB492D7004
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16665E7442874D201EF4EC87E1CBC3D5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5886D5E5D7A86E110F8A8DA17FE48A9F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4DF5CA7604A4F4A454A1564CDE839596
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C28025BF07E2AF18CDD0AF035941C2D0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1703FEE2E2916C02293B260A84EB03BE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9429771FBD0D2EBD32344D615471E86B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A8E9864FB3D8E9F2D83F7969ACABD61
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
Frame ID: 58A2DDAFD54252A351B972CE4CB17ED9
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
Frame ID: A6A273664C8CBCE830A0859487F99DBE
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
Frame ID: 56327021587EB2425E7830BBFC7E58F7
Requests: 14 HTTP requests in this frame

Frame: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Frame ID: EE89CBC9B4491B372D220641B28DA11C
Requests: 1 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Frame ID: 5097985C837FB814724C5BB378679156
Requests: 8 HTTP requests in this frame

Frame: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Frame ID: 5DA1B73544A8F92E5E6A1E2FBA1FDFD0
Requests: 1 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Frame ID: 39BBB24A1478339A2EC9112258542121
Requests: 8 HTTP requests in this frame

Frame: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Frame ID: 3BEA2D054B8790C38B582CA595838378
Requests: 1 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Frame ID: 57604A08ACC78E3F021A07CF678553FE
Requests: 8 HTTP requests in this frame

Frame: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Frame ID: 88E409C9B0779138D91B8D8BBB0249B8
Requests: 1 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Frame ID: 16CD2CDABF2FBEC1ED62CD1428BCEE36
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Frame ID: CE5136FCDA80C5311D5381D24806A9C3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E08E3DD73E76BF2B93B28937B00A0AC0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E17FEB8722BBE902B12B34F593567BB3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3543C09D4D7F859D3E46CB45556415EC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4FA4669E2E8D9DF5E7C80D7A0511C3B2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8643E548458AA0FA55880F6F9D741B5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 505207B472666E75DB10C607D4DD62B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6465D52D37878DDEA3D9E7E12145898
Requests: 3 HTTP requests in this frame

Frame: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9D78D3022935126CAEAA2844C1CF6E5
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B42064EE5451E177FC6204581F4E8FE3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 808B5AC9247D56DC3CA9C76941CB08E1
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFB4ABE5F9EEB32DC88B9EA9AEA4FD80
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 298DF3DBEE494067EF8991B1964E48E1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5FAC3ED8A62FC74278887E7F5B33F586
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 63498881F72FF8870F574DE33CEF88BA
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F91A5BC8727B3430CA1D99AEB8EAD5C4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWUwx-BUGpAsBqVjQNJ8XIXVB00kgh0F-CKypWbxduioiQbgQMU_LePZZ-0qekCWNkmH6xuTLWOFJJ-MVlzbheZnYaR4ESKOrsWf7ZX6PhQr8q1UInxIV6Z6p2AIpgjRzjnY7wL53xEULPxc_RljuVl2mLGvptk2G0TmcLOSvFI3A2k4mQ6EL5c628BAT9gjlnrcOHs-EjFGtRHp5FAfvlHr9BLjQ
Frame ID: 0BE2B242990A628C9B8AE5A37BA54042
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 4FAF36C0C46AD8EAB9B75AEE37EDD6AC
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 7D2A64BDEFB025E79529F3B3551506FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6984261806563861649
Frame ID: A9CACF409C59EC9FEA958ED18AC2845C
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 009D692D1F2A03EA2641BF1730609768
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559728343166208
Frame ID: 2EF0CC95967F01ED64C6D0278A1CA174
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 56BB97CAE33BC03152791EF708167B63
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A4A93FCCD2444CC2126F1D4889D94C8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
Frame ID: D278C483C62BCAE4A4A40E2F1030E261
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 5486815564895934B804A883A0E6AE51
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 16A124DB0D8029AED3A23FCD266293FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CBC073EAF5B359262F00E2FD3827235E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 0239FBBC140521BA5A74C05C0056C258
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: 4249E1B878214BD334CCDC4308FCB47C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Frame ID: 404ECEA9800368695B0987E79C0C8571
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: AFBD1250D168BFDB7A7744DEBF30A5E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5D4FB5E4FEAD84FF40ADDA91C96328A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F69CE5367DD88ADA417E3B0D77F22957
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 153B0A40855794838846DD86C9D1DD6E
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
Frame ID: 5DA7032D90DC6E2AB067550914F068F8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa
Frame ID: BAD808CBCDF76F0F8F47C40D17E93F3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5589260742170955798&gdpr=0&gdpr_consent=
Frame ID: 32706D138F53E5FF714787B874135A44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7247186184439789714&gdpr=0&gdpr_consent=
Frame ID: 9235A02A55C4097D82F3476CE4881D6C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA-TU7JJlsAAB_GEcVJ2w&gdpr=0&gdpr_consent=
Frame ID: 05A4E14E3DF45C075A0165D4986763A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TW1pEDX9XsNcY8UojiLEdCU6Ovg&gdpr=0&gdpr_consent=
Frame ID: B932774E0F7D93E71A860A9D2AF74FF4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4BBB96362F06F69D800C1920EDD9A6F9
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B17DB78809F7563BF982051244F4C670
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: C2C6F2C6AB4D5E36BE6A3FB2A00D0C85
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1FAFB06A0F06B88D37AB8161B15EE6F8
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B44CB8F386E882FF36B2A730671889D5
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: F9EAAF6667D545F962FA707C2890028A
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Frame ID: EBC289932216686C7DFE15E38A3BF2E0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AB0B624DAB9AF921B365E05C61087DBC
Requests: 4 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 568C8FAF085ADFC8528DF15083C9AFFE
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A033B980FD284F8D28EF1AE14A307D84
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 13431957BB850E49E5578851DBA9B08F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: BF26F0E1A7CA3A2C67F8E7B0F3C9DCE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0ED180E2C3CEC02FFF9387531A10872B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D0DDBB096CC16ADFF4A6A03127E8594A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
Frame ID: A721098A5BCF4A0A5766C93B5D8C85DC
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: BAC5E68B40C94588EF6C31C05D0C265A
Requests: 1 HTTP requests in this frame

Frame: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
Frame ID: 5D4C5AA2E11BB5B044D7C1F0F3F04061
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: 17BDC010881670404DDF34B42ED1300A
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Frame ID: D2C06ADF841C89A2EC7525544F183F64
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F28F9F1A60539CCDE5377DC0874D2260
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhQQnWYnhWYVSSgRQ&gdpr=0&gdpr_consent=
Frame ID: 4CFEF793809982876AA0F6299D7EED2D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003
Frame ID: EE1674B17187E5D33D12AEFC372E9AAE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A8B1DBE1A871ECC6D3FF0705AA7DBB0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D591207245924888BE3C3131620A3141&gdpr=0&gdpr_consent=
Frame ID: 01FB548D11D02E07519795BA7A1988B1
Requests: 1 HTTP requests in this frame

Frame: https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Frame ID: 11D5BEBF4736260A8437424D8FEF9DD8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: CA1089EBC5543C3440BC873553D0973D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D83180E878A88B2115347BFCE735D36E
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E944A43176132C4D06B19EEB24F1F2CF
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0BAE90A4ED53F9CEFC27DF62DF7CE609
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Correio do Povo

Page URL History Show full URLs

http://correiodopovo.com.br/ HTTP 301
https://correiodopovo.com.br// HTTP 302
https://www.correiodopovo.com.br/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RightJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

right\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

1293
Requests

90 %
HTTPS

30 %
IPv6

121
Domains

227
Subdomains

154
IPs

16
Countries

16362 kB
Transfer

38672 kB
Size

180
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://lp.correiodopovo.com.br/assine
Title: Assine

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Faleconosco/?FC=CONOSCO
Title: Trabalhe conosco

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/politicadeprivacidade
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=ATENDIMENTO
Title: Atendimento ao assinante

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=GERAL
Title: Fale com a Redação

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Publicidade/
Title: Soluções para seu negócio

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/CP_MIDIAKIT_2023.pdf
Title: Mídia Kit

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/TABELA_DE_PRECOS_2023.pdf
Title: Tabela Comercial

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/Tabela_PubliCP.pdf
Title: Tabela Comercial PubliCP

Search URL Search Domain Scan URL

URL: https://digital.correiodopovo.com.br/
Title: Jornal Digital

Search URL Search Domain Scan URL

URL: http://leitor.correiodopovo.com.br/
Title: Loja Correio do Povo

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/Faleconosco/
Title: Atendimento ao assinante

Search URL Search Domain Scan URL

URL: http://ejcj.cpovo.net/
Title: Portal Administrativo

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/CPovo/SuporteTecnico/
Title: Provedor

Search URL Search Domain Scan URL

URL: https://outlook.office.com/
Title: Webmail

Search URL Search Domain Scan URL

URL: http://minhaconta.correiodopovo.com.br/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://guaiba.com.br/
Title: Rádio Guaíba

Search URL Search Domain Scan URL

URL: https://www.recordtvrs.com.br/
Title: Tv Record RS

Search URL Search Domain Scan URL

URL: https://www.r7.com/
Title: R7.com

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/correio-do-povo/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/correiodopovo/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CorreioDoPovo/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCphn4Z4L2dGNoh7jz_99EOA

Search URL Search Domain Scan URL

URL: https://twitter.com/correio_dopovo

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel2/die-solaranlage-die-alles-kann-bekannt-aus-tv
Title: Enpal

Search URL Search Domain Scan URL

URL: https://www.mdm.de/dop
Title: MDM Deutsche Münze

Search URL Search Domain Scan URL

URL: https://breariancounstone.com/1f01a89a-934a-4e03-a0b0-0413b0e7f47a
Title: Lounge 777

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=correiodopovo&utm_medium=referral&utm_content=thumbnails-a:Mid%20Article%20Thumbnails:
Title: por taboola

Search URL Search Domain Scan URL

URL: https://www.youtube.com/CorreiodoPovoPlay
Title: CP Play

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=correiodopovo&utm_medium=referral&utm_content=thumbnails-d:Right%20Rail%201x1%20Home%20Page:
Title: por taboola

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

URL: https://portal.correiodopovo.com.br/PoliticadePrivacidade
Title: Política de Privacidade

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://correiodopovo.com.br/ HTTP 301
https://correiodopovo.com.br// HTTP 302
https://www.correiodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 226

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=210804831.56902011584974117.6073086 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=210804831.56902011584974117.6073086 HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b2e4395-99bc-4397-9f27-8596723f56e1 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b2e4395-99bc-4397-9f27-8596723f56e1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4fbe391c-3659-4cd5-8f79-ce22ae5e9f59&user_group=1&ssp=vidoomy&bsw_param=1b2e4395-99bc-4397-9f27-8596723f56e1 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b2e4395-99bc-4397-9f27-8596723f56e1

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1

Request Chain 293

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJMtbayDHAyZOxDyXo45vQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBhfoPfRAB2fAtatu4p0w&google_cver=1

Request Chain 295

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D

Request Chain 321

https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=correiodopovo.com.br HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_pre=CNCEtP_r1P8CFdXrEQgd6UwGRw;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=correiodopovo.com.br

Request Chain 355

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Request Chain 358

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

Request Chain 359

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

Request Chain 386

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Request Chain 389

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

Request Chain 390

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81125759215 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=81125759215&google_gid=CAESEDpT3dJCEtwhjHYbXoeyXQQ&google_cver=1

Request Chain 398

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 400

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTRZRppciWZHhKhTYKRAd4&google_cver=1

Request Chain 402

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEL7xALUSpgr93apOzwbGPco&google_cver=1

Request Chain 434

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGfQo8nNdMtTN43fZCIvWXs&google_cver=1

Request Chain 435

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=933f53d8-1055-11ee-9d25-192cb16e0206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTMzZjUzODEtMTA1NS0xMWVlLTlkMjUtMTkyY2IxNmUwMjA2

Request Chain 510

https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 518

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Request Chain 521

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

Request Chain 522

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

Request Chain 527

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJqkd46W8RT8mcnam63eqVU&google_cver=1

Request Chain 581

https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform= HTTP 302
https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db

Request Chain 614

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

Request Chain 615

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzQyYjgzODhlOTNmYmEzNzY5MWNlZDhlNGEzZWJlMzY=&gdpr=0&gdpr_consent=

Request Chain 616

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

Request Chain 617

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODhhMDI1NmY3ZDRlY2YxZTY4OThjOWQxMmIxMmQ0OWE=&gdpr=0&gdpr_consent=

Request Chain 618

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

Request Chain 619

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmNmOGExMTI5MWVhNmI4OTM1MmZlZTk0YWMxOWUwY2Y=&gdpr=0&gdpr_consent=

Request Chain 636

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14047100088712104444978012362014&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007

Request Chain 638

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007

Request Chain 640

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 654

https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=YTNkMjIyOTQtODE0Yy00OGJkLWE4YjAtYjQ3YTQ4Nzk1MmRi&google_cm HTTP 302
https://app.retargetly.com/sync?pid=11&google_gid=CAESEKtDhWqFufPC6edVg8cxl18&google_cver=1

Request Chain 657

https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005

Request Chain 661

https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
https://app.retargetly.com/sync?sid=5589260742170955798&pid=2

Request Chain 662

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID&rdf=1 HTTP 302
https://app.retargetly.com/sync?pid=14&sid=CA57F6AE-0E19-4326-BAA9-8F1794321670

Request Chain 665

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1 HTTP 302
https://app.retargetly.com/sync?sid=7047329588402905016

Request Chain 790

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=83788000101226904444994012362012&pv=1 HTTP 302
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

Request Chain 794

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=53618800118183104444994012362013&pv=1 HTTP 302
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

Request Chain 799

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH6DJYED9B5d3kM4IryLjOc&google_cver=1&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9GLdFJ5liffFTt HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9GLdFJ5liffFTt

Request Chain 800

https://a.c.appier.net/gcm?google_gid=CAESEHekmP274nZhZSwWtKH1n9Q&google_cver=1&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15AuUwYFZ_FrhEmGD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MUQtekpmTzBCamV5M2RqM2NTMlRaQQ%3D%3D&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15AuUwYFZ_FrhEmGD

Request Chain 803

https://sync.inmobi.com/gob?google_gid=CAESELe2LRHkkXunNwRyCUGBvYU&google_cver=1&google_push=ATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4WZ9109C8oahKsUG_Qrem0pHc8MYqZ1y7N0oZ1gMpRag5ZzyDGqfj HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4WZ9109C8oahKsUG_Qrem0pHc8MYqZ1y7N0oZ1gMpRag5ZzyDGqfj

Request Chain 804

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlMEPAVebI4qulMK2jJbOU&google_cver=1&google_push=ATf1kGPSA2Pz-TVOIKskacdAtk2vfPqgqyQA7ZKLb8g6Sjj26gpu_usjzH5iIqY0w1ouvLttyXVOZmehfCYUXDsdgDCTDOwCuwgiZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPSA2Pz-TVOIKskacdAtk2vfPqgqyQA7ZKLb8g6Sjj26gpu_usjzH5iIqY0w1ouvLttyXVOZmehfCYUXDsdgDCTDOwCuwgiZA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 806

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=36092100092016204444994012362003&pv=1 HTTP 302
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

Request Chain 810

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=12995600088354504444994012362006&pv=1 HTTP 302
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

Request Chain 821

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBqpr6qa9dHC7gml1TENCWw&google_cver=1&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX641thANy0ZptTbUfB4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX641thANy0ZptTbUfB4g&google_hm=MTG0MCRyTKGtqXDWSkMhnPg

Request Chain 822

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBqpnT9kdfGp_VghZQkqYF8&google_cver=1&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85POj9cEXgUl1JPjSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85POj9cEXgUl1JPjSw

Request Chain 823

https://d5p.de17a.com/cookies/google?google_gid=CAESEIC4Pr1cAN3qxjTRj8WGP1k&google_cver=1&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIC4Pr1cAN3qxjTRj8WGP1k&google_cver=1&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg

Request Chain 824

https://match.360yield.com/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaOVwzppn HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaOVwzppn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaOVwzppn

Request Chain 825

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKnK0jGKq0mh0_-CdGVFYSg&google_cver=1&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg&google_hm=WkpNdGNNQ281c3dBQUhlTzlHOEFBQUFB

Request Chain 829

https://a.tribalfusion.com/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 830

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEOPJVZNKUgxY6vwwMQDF9xs&google_cver=1&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBIJG1Cn_bPN0tbxyQbV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBIJG1Cn_bPN0tbxyQbV

Request Chain 831

https://a.c.appier.net/gcm?google_gid=CAESEHekmP274nZhZSwWtKH1n9Q&google_cver=1&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJVh39NT3XSLgDctsn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ODBheEZVS2dBM2U0WTVIRWNTMlRaQQ%3D%3D&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJVh39NT3XSLgDctsn

Request Chain 915

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_krKAmB9YL6Xlyy0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBC647AAD2E84C508E580F0671B5C4DE&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_krKAmB9YL6Xlyy0

Request Chain 916

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_cver=1&google_push=ATf1kGPurfZW3KIoflZvHjjNDkZJK1JIdgpWY-I8kQkoWN4nadsu7-gQ-S3UElCzu1tAY-CW1qtaAdybADrmpsHgfv6NQfDVuH8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_hm=ZJMtbayDHAyZOxDyXo45vQAADKIAAAAB&google_nid=index&google_push=ATf1kGPurfZW3KIoflZvHjjNDkZJK1JIdgpWY-I8kQkoWN4nadsu7-gQ-S3UElCzu1tAY-CW1qtaAdybADrmpsHgfv6NQfDVuH8

Request Chain 917

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FKZxdDezeBDwtV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FKZxdDezeBDwtV

Request Chain 918

https://match.360yield.com/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAupNb5y2VppDyB8S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAupNb5y2VppDyB8S

Request Chain 919

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN6xawi3ifcjfPzmKy4pXd4&google_cver=1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1687367024825 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR%26google_hm%3DA-yKCfEJ_kfcjetgqe-sPLI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&google_hm=A-yKCfEJ_kfcjetgqe-sPLI

Request Chain 920

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI&google_cver=1&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn

Request Chain 930

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEDPyC1olhkAlZvXAepsPGqI&google_cver=1&google_ula=862479430,0

Request Chain 931

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1&google_push=ATf1kGONJ9obPXq7-Qndpqy89ykFPdMcwyac-TirUoR6sgZlsNjAwEhHaXfLEfgQKny9QdrF-KLHdNrgpxGm46E8Ff7BlvCblgWY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5MjAzMjI3MTM0Mzg5MzM2MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1

Request Chain 933

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH6DJYED9B5d3kM4IryLjOc&google_cver=1&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5ph0GRX3RlZ7u HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5ph0GRX3RlZ7u

Request Chain 934

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDlJncwfx1kaY0QOMPvLAwM&google_cver=1&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

Request Chain 936

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI&google_cver=1&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo

Request Chain 939

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJqtvFtkXYftXDOdm4pmd4o&google_cver=1&google_push=ATf1kGPKIIMrT6xlk_Ig8nRT4gN2hv-aKEmaT6wXRQMv4BDgMWu6DxKIj7G6GQZxkSwwoTp17TdDfwuTDTrLapAI64nR2b9wht8l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJqtvFtkXYftXDOdm4pmd4o&google_push=ATf1kGPKIIMrT6xlk_Ig8nRT4gN2hv-aKEmaT6wXRQMv4BDgMWu6DxKIj7G6GQZxkSwwoTp17TdDfwuTDTrLapAI64nR2b9wht8l

Request Chain 940

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDlJncwfx1kaY0QOMPvLAwM&google_cver=1&google_push=ATf1kGOPOgxGGXp9reJ-nuyomQHEhhqdLQYFVcWtE0-wqxh8sGUKnuFOawVfysJYD724kKXrZ05ZHbO0lOT4rw7rMrRE692mW94 HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559728343166208&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

Request Chain 943

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMo4lnT0689HrSRdfC0zvOE&google_cver=1&google_push=ATf1kGMZR_Hp7orAOk6-1Kw0N3D-LnAFKekD_e7LQtm2MRbTnS9BdcY1pXUBX3kE5LoFBd72eYSzWMPgurSdgNvxN2LgIAyAcI2f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZR_Hp7orAOk6-1Kw0N3D-LnAFKekD_e7LQtm2MRbTnS9BdcY1pXUBX3kE5LoFBd72eYSzWMPgurSdgNvxN2LgIAyAcI2f

Request Chain 944

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FKqjlsrKv8PwvC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FKqjlsrKv8PwvC

Request Chain 947

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTkFSfFvGs1cclFKlSYnoVlc0glFtwqWpDQ0JcD_Ht3tSQbsOCnVpyRi HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTkFSfFvGs1cclFKlSYnoVlc0glFtwqWpDQ0JcD_Ht3tSQbsOCnVpyRi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFhVYXNjWE4xUWMxZmE1&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTkFSfFvGs1cclFKlSYnoVlc0glFtwqWpDQ0JcD_Ht3tSQbsOCnVpyRi

Request Chain 948

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFWDtqLD1mDDn8YGGIA4fDs&google_cver=1&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5bInRtlABbgZFO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=CQJkky1vRAC2Gv_MZHqnOw&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5bInRtlABbgZFO

Request Chain 949

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6HqYbJDQHMBssSM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6HqYbJDQHMBssSM

Request Chain 951

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2ubv5N2U_eALMiyAmm_k_2zMpSd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2ubv5N2U_eALMiyAmm_k_2zMpSd

Request Chain 952

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlMEPAVebI4qulMK2jJbOU&google_cver=1&google_push=ATf1kGNwYnIs4XSC72clf34X9zWYGGjCVuoKooaDxn9raVRo1yDs7kLTo-Ew9IHW__lQy9LfYQHcszlYaSZJntkLq8mzOp9okTXC4A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNwYnIs4XSC72clf34X9zWYGGjCVuoKooaDxn9raVRo1yDs7kLTo-Ew9IHW__lQy9LfYQHcszlYaSZJntkLq8mzOp9okTXC4A HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 953

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb2o0wXwBHX3iIpBcKb34rL1DHj6seTmj2t3eNjX7EvBSoO4r_JJeAT1BL-8fBcJ266JFKOUrqnyt5wR3qSd0ig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb2o0wXwBHX3iIpBcKb34rL1DHj6seTmj2t3eNjX7EvBSoO4r_JJeAT1BL-8fBcJ266JFKOUrqnyt5wR3qSd0ig

Request Chain 1001

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Request Chain 1002

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBKxB3w1iDieiQRG4m2--gs&google_cver=1

Request Chain 1003

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ5YRA1M-1E-3PVT

Request Chain 1005

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/BhGWvaBYTBfCyPSw8Ml65Mn5EUdSAgOZEtemQ7w0kco?csrc=

Request Chain 1006

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0kT2ZPdoRzeP_1MTqa4ZPg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0kT2ZPdoRzeP_1MTqa4ZPg

Request Chain 1007

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEo1WVJBMU0tMUUtM1BWVA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=

Request Chain 1008

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQyZDVlYTg0ZDRlZTMwNDg1ODQ2ZDE3OGNhMzUxZmQwZTRjNWJhYg

Request Chain 1011

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6984261806563861649

Request Chain 1013

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559728343166208

Request Chain 1014

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 1015

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 1017

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2794372131 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Request Chain 1019

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0E1N0Y2QUUtMEUxOS00MzI2LUJBQTktOEYxNzk0MzIxNjcw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 1020

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNwclUw68ELuBn7hfKwJeE&google_cver=1

Request Chain 1022

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3753889245533002917

Request Chain 1062

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOAaVsbXZZqCBRs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOAaVsbXZZqCBRs

Request Chain 1063

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBqpnT9kdfGp_VghZQkqYF8&google_cver=1&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge1248EzxQNCdjxtbwmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge1248EzxQNCdjxtbwmw

Request Chain 1065

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDWpCVAO8CMAC7Qu9_YrWuSXKN9KZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDWpCVAO8CMAC7Qu9_YrWuSXKN9KZw

Request Chain 1067

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-fNNLczBGp0Vx1HA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-fNNLczBGp0Vx1HA

Request Chain 1109

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&RedC=c.clarity.ms&MXFR=3F20F1B7C5F06E832784E280C1F06046 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&MUID=1980ED05CA2A69DC0C71FE32CB2A68CA

Request Chain 1135

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa

Request Chain 1136

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5589260742170955798&gdpr=0&gdpr_consent=

Request Chain 1137

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7247186184439789714&gdpr=0&gdpr_consent=

Request Chain 1138

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBLVRVN0pKbHNBQUJfR0VjVkoydw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA-TU7JJlsAAB_GEcVJ2w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAA-TU7JJlsAAB_GEcVJ2w&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA-TU7JJlsAAB_GEcVJ2w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7047329588402905016&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA-TU7JJlsAAB_GEcVJ2w&gdpr=0&gdpr_consent=

Request Chain 1139

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TW1pEDX9XsNcY8UojiLEdCU6Ovg&gdpr=0&gdpr_consent=

Request Chain 1141

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 1142

https://pixel.onaudience.com/?partner=214&mapped=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bdde43eb43588a9d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1

Request Chain 1145

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2e4395-99bc-4397-9f27-8596723f56e1&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 1147

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3792032271343893360&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 1166

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmNlNjg5NzM5M2EwZmQyOGE5MjU2OGI3NDUxZmM4Yjc=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1167

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=bce6897393a0fd28a92568b7451fc8b7&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1178

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTU4YTE1NmQzODVmMzZlNTUzNGY4OTkxOTUzOTVkNw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1180

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=15fc2893e957cdf248b92e10d7ed7eb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1195

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Request Chain 1198

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

Request Chain 1199

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

Request Chain 1231

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 1233

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=

Request Chain 1236

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c7450c6b-5486-4e5c-b766-34bf5986541f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 1241

https://static.socialminer.com/custom/0d2ab486745b45cf991c8d91aa3e3e5f/custom.js HTTP 301
https://static.socialminer.com/custom/default.js

Request Chain 1260

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhQQnWYnhWYVSSgRQ%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhQQnWYnhWYVSSgRQ%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhQQnWYnhWYVSSgRQ&gdpr=0&gdpr_consent=

Request Chain 1261

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=765628785 HTTP 302
https://sync.1rx.io/usersync/turn/3792032271343893360?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003

Request Chain 1263

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D591207245924888BE3C3131620A3141&gdpr=0&gdpr_consent=

Request Chain 1264

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5589260742170955798

Request Chain 1282

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjU2OTljY2EzOTgyMDEyM2Q3MmE3ZTYyYTViYmEy&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1284

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=70e2c0ff2fbeedce3a7d9afe55f236&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1294

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Mjg2MDMyZTVkZjFiZDFhOTZkYjcyMzU2NDRjOTc0Mw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1296

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=d9c2847dd5f4bdc4809181c56a9ee957&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 1308

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Request Chain 1311

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

1293 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.correiodopovo.com.br/
Redirect Chain

http://correiodopovo.com.br/
https://correiodopovo.com.br//
https://www.correiodopovo.com.br/

367 KB
76 KB

629ms
20ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f9c8ddd85a4328e3ff24a089c1ceee312c68dad1952a4e442b2c6d55bad09dfa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 21 Jun 2023 17:03:39 GMT
expires: Wed, 21 Jun 2023 17:18:39 GMT
server: nginx/1.18.0 (Ubuntu)
v: 5

Redirect headers

access-control-allow-origin: *
cache-control: private
content-length: 149
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:38 GMT
location: https://www.correiodopovo.com.br
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 jquery-1.11.0.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 94 KB
38 KB 30ms
23ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:19:16 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding, User-Agent
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc329246e5214b6ed164ded83b65a7a55f5af3c93662c5f2cd75d9a5583a2474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 17:03:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 cda-partners-bar.esm.js Show response
assets.r7.com/cda-partners-bar/cda-partners-bar/ 424 B
490 B 599ms
526ms Script
application/x-javascript 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/cda-partners-bar.esm.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d7d4cd9ed83ea5d53fb154f71155e1bb3b6ee04d14933b8c16d43a0d41bcbcee

Request headers

Referer: https://www.correiodopovo.com.br/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 14:23:45 GMT
server: AkamaiNetStorage
etag: "62804c6b12ba8aae47029c409e37765a:1686666225.313156"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 305

GET
H/1.1 200
OK correiodopovo_22098.js Show response
ads.vidoomy.com/ 5 KB
5 KB 429ms
135ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/correiodopovo_22098.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 51e6031eb24689187bae1f869b59f03ca7c697eb5d714e677282075305888f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:40 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5127

GET
H2 200 3394c06d-2aae-41be-b792-9bcbfc13a839.js Show response
tags.cmp.tail.digital/ 109 KB
35 KB 1247ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.cmp.tail.digital/3394c06d-2aae-41be-b792-9bcbfc13a839.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8c087f08d42aebe8faa158f3af9246766f3561948f91f073fda63459713bb7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:42:44 GMT
content-encoding: gzip
age: 1256
x-guploader-uploadid: ADPycdsppLLHM6oWMGz2ZqWwQlp6RoFOjsFDcbD-bXiREKjMuecPKQym1p6aOvwBxeRpy0_mWD0j3W4DES7WCCDP0ly5-zTqymRy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35148
last-modified: Wed, 16 Feb 2022 13:34:38 GMT
server: UploadServer
etag: "91de0658dc4bf9912cd069fb86b1ccdb"
vary: Accept-Encoding
x-goog-generation: 1645018478826061
x-goog-hash: crc32c=oP4OOw==, md5=kd4GWNxL+ZEs0Gn7hrHM2w==
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600,public
x-goog-stored-content-length: 35148
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 124ms
96ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b68b95b3d700404e71ae3085a4acf08a1fdae3ac041a5dc1f73f373b1341f0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48240
x-xss-protection: 0
server: cafe
etag: 17815114605725905578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 403 tag.js
a.teads.tv/analytics/ 0
0 117ms
43ms Script
application/xml 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
x-amz-request-id: EX6YP43A4DBWNCWW
vary: Accept-Encoding
content-type: application/xml
cache-control: private, max-age=3600
content-length: 243
x-amz-id-2: ZphixvU5lcIVzY1F4iuiySL1yrU0ZMp4Yc8iJnjcrdG1gvPduJzz64FZtwAx0P8dVqc16v4Bzj4=

GET
H2 200 container_X2WNYyk5.js Show response
tagmanager.alright.network/manager/js/ 73 KB
21 KB 92ms
10ms Script
application/javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/manager/js/container_X2WNYyk5.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e47726d712fa6a1f91150b1158dbf2e2bdedc1ac5c52523482897dd323c9588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:54:00 GMT
content-encoding: gzip
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:14:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 579
x-amz-server-side-encryption: AES256
etag: W/"326b65c04f4d4e1baa817cc4cfe31f86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 0RL-oayUmmTCKVg9jddB7tMy_CZN-PSW8wLrr71Hwht5vMeo4ep5gA==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 48ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1007 B 47ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

619820b66421bddb8b87522fee81c348e519864ecc4da6cdb968851722b3de24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 17:02:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 107 KB
23 KB 33ms
24ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/ 27 KB
6 KB 34ms
25ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/belamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:46:03 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 146 B
311 B 34ms
25ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 865 B
591 B 35ms
26ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:37 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 310 B
397 B 35ms
27ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:23:40 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 13 KB
4 KB 36ms
28ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 561 B
539 B 37ms
28ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/ 2 KB
699 B 42ms
33ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:13 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/ 39 B
257 B 42ms
34ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:11 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/ 38 B
256 B 42ms
34ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:06 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 5 KB
2 KB 43ms
35ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 1 KB
781 B 43ms
35ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 5 KB
1 KB 43ms
35ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 3 KB
1 KB 44ms
36ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 46 B
264 B 46ms
38ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:30 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 20 KB
3 KB 46ms
39ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/bootstrap-social.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:29 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 15 KB
4 KB 47ms
39ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 738 B
520 B 48ms
41ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 1 KB
704 B 49ms
41ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:19 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 909 B
578 B 50ms
42ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:15 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/ 110 B
309 B 51ms
43ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:06 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/ 857 B
487 B 51ms
44ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:57 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/ 456 B
435 B 52ms
45ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:55 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/ 20 KB
5 KB 54ms
47ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/ 398 B
332 B 55ms
48ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/ 244 B
338 B 55ms
48ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:44 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/ 46 KB
11 KB 57ms
50ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/stylenovo.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:45 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 140 B
321 B 58ms
51ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:32 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/ 470 B
462 B 59ms
52ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:29 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 autotrack.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 25 KB
8 KB 70ms
63ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/autotrack.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:24 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 1 KB
1022 B 71ms
65ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:24 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

108ms
47ms

Script
application/x-javascript

2a03:2880:f276:e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

2a03:2880:f276:e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87c88050417dac135e73defbde7fb301d7753d9c4c1365529f358e93f9cac0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:39 GMT
content-md5: 92KkYw37yr2KCDH4F4uosg==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19514
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: Y7w/vSpvEnRh8U1f9g/5kcrccOpRLJw4E1nvjYVnYaib0NLyzpJ4uvwQA9H/cdddn6X0NNOct9Jekhd+R+RB/A==
x-fb-trip-id: 1679558926
x-fb-content-md5: 67986f19d3e58889f733c9d287d9f005
cross-origin-opener-policy: same-origin-allow-popups
etag: "68b418a11a17c992379691c6cc3ebc03"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:23:39 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Wed, 21 Jun 2023 17:03:39 GMT
x-fb-trip-id: 1679558926
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 trecolunas-b-7.23985
www.correiodopovo.com.br/cmlink/ 742 B
586 B 59ms
53ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/trecolunas-b-7.23985
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7f2ac17e08d2a1d593c1302488c40fcab6f1ba32fde1a7cb662787211c32b6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Thu, 13 Apr 2023 14:33:25 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 styles-h2-7.22686
www.correiodopovo.com.br/cmlink/ 304 B
432 B 60ms
54ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/styles-h2-7.22686
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c15145e1d34d89bb8c2161655f8ac4904dd367e359aa1fbf733aa021d7c862b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 13:41:00 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 ilimpiadas-7.22631
www.correiodopovo.com.br/cmlink/ 557 B
505 B 61ms
55ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/ilimpiadas-7.22631
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 66296b6fd0b852386b1c4e4e83bf4ad832596ea81717e7656e98738922f9419a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:00:04 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 removetemperatura-7.22567
www.correiodopovo.com.br/cmlink/ 193 B
383 B 62ms
56ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/removetemperatura-7.22567
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 94b2c683ab690416e47f5adc49063b6f75d87068b94bbf1cef117e3e96561e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 13:35:06 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 vacinometro-7.22513
www.correiodopovo.com.br/cmlink/ 158 B
361 B 62ms
57ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/vacinometro-7.22513
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8df6acde652c14372290a20f0cf32a3d2d68569d75dc2876ba5528bd339616c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 20:02:03 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 patrocinio-topo-f2-7.22393
www.correiodopovo.com.br/cmlink/ 1 KB
724 B 63ms
58ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/patrocinio-topo-f2-7.22393
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 422b8ea6ee3c80f48094f9718eaa8b7ca5d9842e048f2e814bfa748191db8d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 14:22:38 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 eleicao3-p-7.22099
www.correiodopovo.com.br/cmlink/ 7 KB
2 KB 64ms
59ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/eleicao3-p-7.22099
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d685e85051851e605c182bf42de95aa5e04c0993015c7919ecb460feb7da6725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 13:19:24 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 grid-s16l-7.21805
www.correiodopovo.com.br/cmlink/ 55 KB
12 KB 65ms
60ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/grid-s16l-7.21805
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a943f7c447599749195bad885b0ce42ae66e804a20724e7a9b697c69a7c3cc28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 11:30:53 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 748 B
509 B 66ms
61ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b6a9d79c1ddb2fa19e36c55b772b5bc03f28ff0ea32dbac5da27497d4490aec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 20:24:59 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 eleicao-2022-a17-7.23664
www.correiodopovo.com.br/cmlink/ 955 B
665 B 67ms
62ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/eleicao-2022-a17-7.23664
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 869083889eb786e85c227f2ce106d96b367de58bd6f8fb3f4151629bee44136b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 20:12:19 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=900
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 com.atex.gong.paywall.membership.js Show response
www.correiodopovo.com.br/js/ 7 KB
2 KB 70ms
65ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Thu, 04 Oct 2018 03:33:34 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 ws-GTAYHGT2.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 351ms
104ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 16:04:01 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 4 KB
4 KB 695ms
473ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
etag: "e0743667473bd51:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3706

GET
H2 200 Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 15 KB
15 KB 690ms
468ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
etag: "e99a3667473bd51:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15396

GET
H2 200 linkedin.png
portal.correiodopovo.com.br/imagens/social/ 347 B
427 B 693ms
471ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 28 Aug 2020 14:48:23 GMT
server: Microsoft-IIS/10.0
etag: "282b6474a7dd61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 347

GET
H2 200 instagram.png
portal.correiodopovo.com.br/imagens/social/ 676 B
757 B 457ms
235ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 28 Aug 2020 14:48:33 GMT
server: Microsoft-IIS/10.0
etag: "a8a1ae4d4a7dd61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 676

GET
H2 200 facebook.png
portal.correiodopovo.com.br/imagens/social/ 295 B
376 B 419ms
235ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 28 Aug 2020 14:48:57 GMT
server: Microsoft-IIS/10.0
etag: "dfbde25b4a7dd61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 295

GET
H2 200 youtube.png
portal.correiodopovo.com.br/imagens/social/ 382 B
463 B 654ms
471ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 28 Aug 2020 14:49:17 GMT
server: Microsoft-IIS/10.0
etag: "e2d595674a7dd61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 382

GET
H2 200 twitter.png
portal.correiodopovo.com.br/imagens/social/ 484 B
612 B 418ms
234ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 28 Aug 2020 14:49:09 GMT
server: Microsoft-IIS/10.0
etag: "e73b13634a7dd61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 484

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 5 KB
5 KB 52ms
48ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4a7f23140fdee7b942e103630d4000964fa40677974ca143f6e59a5afc477607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 24267
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 5394
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 4 KB
4 KB 52ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 943222bb540343366077d429e5e93cb3d407ef58e8cfe767810b4013729188a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 20789
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4136
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46864d02182a24eef45e0437d744a667d4ee1209279629029525db3a721b410

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fdc7b28eb205a83d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 password.png
portal.correiodopovo.com.br/imagens/graphics/ 807 B
887 B 653ms
469ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/graphics/password.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c8163d8f7a418da8d361c6d638e6b014f1f4221c6091b989eead42affb46bfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Tue, 08 Sep 2020 20:57:00 GMT
server: Microsoft-IIS/10.0
etag: "0f686982286d61:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 807

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.1051285:1687366695/ 11 KB
12 KB 57ms
53ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051285:1687366695/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6b80eaba8e2ef443fb35d5897e78180864636bd4a7591c7ec296dbc3ca839576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 9605
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 11704
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.1051276:1687366105/ 7 KB
7 KB 58ms
54ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051276:1687366105/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: fe0b943e69b36c68789170c04f5f1436d5b44d110d555ecba91fe0d96342278b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 6888
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 7246
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.1051277:1687366189/ 10 KB
10 KB 58ms
54ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051277:1687366189/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5db74c759e3864b51ba36327e383e4c5cae93cca9a5d6950ab174d5730f8b0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 9129
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9948
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.1051266:1687365235/ 10 KB
10 KB 58ms
55ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051266:1687365235/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 659e353d79e9c056607c464f393e017a6a4d37dd604bad873ea7d05f5b0fed94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 8734
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9892
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.1051265:1687365211/ 5 KB
6 KB 59ms
55ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051265:1687365211/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 44f6308a91eec4935a83a7edae1570a05be1d4029ac5765c48f7d585425b06dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 5716
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 5518
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 3 KB
3 KB 240ms
240ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ab05755223b4fa8febb2f840e6fc8ab3c5a2e7198830cedcfb9cbc50f8d6749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
last-modified: Thu, 29 Dec 2022 12:35:42 GMT
server: Microsoft-IIS/10.0
etag: "bbaeb710821bd91:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3376

GET
H2 200 bootstrap.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 31 KB
10 KB 26ms
20ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 Imager.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/ 6 KB
3 KB 27ms
20ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/Imager.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:39 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 1 KB
1022 B 27ms
21ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:12 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 users.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 810 B
609 B 28ms
21ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/users.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:12 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 persona.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 441 B
483 B 28ms
21ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 poll.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 1 KB
802 B 29ms
22ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/poll.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:37 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 autosize.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 2 KB
1 KB 30ms
23ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:23:39 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 video.js Show response
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 66 KB
23 KB 32ms
25ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2019 17:23:32 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 tags.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 46 KB
14 KB 33ms
27ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 tags.navigation.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 11 KB
4 KB 34ms
27ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 owl.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 32 KB
9 KB 35ms
29ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 social-auth.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 490 B
505 B 47ms
41ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:30 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fotorama.js Show response
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/ 38 KB
18 KB 48ms
42ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/fotorama.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 namespace.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 220 B
381 B 48ms
42ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/namespace.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:20 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 SearchElement.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 549 B
502 B 48ms
42ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:20 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 personalization.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 887 B
742 B 52ms
46ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/personalization.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:44:15 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 infiniteScroll.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 2 KB
1 KB 52ms
47ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 funcoes.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 8 KB
3 KB 53ms
47ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/funcoes.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 plugin.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 192 B
356 B 53ms
48ms Script
text/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/plugin.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 18:43:32 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
52 KB 57ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4919854a8aa849c6160c25b288f01fd5a52d6b9901afbaadb32fcb5d6636eaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52671
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:44:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 109ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b77aabe4e52b426d63d1cbefe605dc77adc5700d75e7e5362071fd0683df889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 577 / 19529 / m202306140101 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 prebid.js Show response
tags.denakop.com/ 272 KB
84 KB 72ms
28ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 14:43:23 GMT
server: cloudflare
age: 2542
cf-polished: origSize=279167
etag: W/"643d5b0b-4427f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7dadd381ee1e39df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 correiodopovo.com.br.js Show response
tags.denakop.com/10102/ 217 KB
39 KB 80ms
37ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10102/correiodopovo.com.br.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35c144a6235b9b87a61739cb176a661daa712da0f0afe7c1fad1c72690f457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 21 Jun 2023 15:21:00 GMT
server: cloudflare
age: 1909
etag: W/"6493155c-36494"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7dadd381ee2239df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 d51d4asv1d Show response
www.clarity.ms/tag/ 1013 B
1 KB 253ms
187ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/d51d4asv1d
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25a08246c06faeac92564a058d4b96baed8d09cbf540867475a24e21edbb0090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: -1
date: Wed, 21 Jun 2023 17:03:40 GMT
x-azure-ref: 20230621T170339Z-90pgggfb515mpcnyww6w7pzqtn00000001yg00000000mghh
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1013
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 55ms
23ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 855
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7dadd3824c8bbbd1-FRA
expires: Wed, 21 Jun 2023 17:49:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 36ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 17:03:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28296
x-xss-protection: 0
pragma: public
x-fb-debug: lhIVkM/9uTMzR+gPF+EPAIucZqHL61oerRxvfGbn2Ig9ideMPjwvGj/UD0jcLnpQZ8ysL9NYzURnC6BoAOTagQ==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 473ms
107ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367019736
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 9e9c026574e7090913e27138fa6e988abc55fd676e125917d1c1499d28224bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:40 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 71ms
19ms Script
application/javascript 13.249.9.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-34.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:03:30 GMT
content-encoding: gzip
via: 1.1 ef76486b8b2194781e7708296c3d455c.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
age: 64261
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: VIDeuY3h5HCZ3GJa8mC9kUNlD7bKUbXUGc6xZnpsu63Fl828JsXxYQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 70ms
8ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Jun 2023 17:03:39 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/correiodopovo/ 557 KB
53 KB 70ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd738da797655cbde0f1241879f9a20bf4cd3214bbf46338492d7465578c9483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: jRhJ3WK8hc_NV_TfyFIg_4htKx2T3Ya3
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:39 GMT
x-amz-request-id: WBD5E9VCBCRNKXB6
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 12
x-amz-replication-status: FAILED
content-length: 53465
x-amz-id-2: cSzvgsBMhlYFp0AofhwVVJtwyE5ZzFpDqS9LBCTjczwUSHEpXFcAs+smB7VkB5dk21edrbAN/Z8=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 21 Jun 2023 17:03:39 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687367020.942495,VS0,VE32
etag: "a780e5a9b4513f6cf0399e9b98095aa021632abf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 28
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/correiodopovo/ 61 KB
18 KB 249ms
205ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d471b85115174ef1f00629f7b09127e04d599cc7421fcfc7884dcc4b2eb20cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:40 GMT
x-amz-request-id: VTHK38W65AXN8X9K
age: 0
x-cache: HIT
content-length: 17740
x-amz-id-2: y+N9/zbzRgHkimYFzncZc+r6SBZcAVBR/bfNcnCUx3CIHF5OQvsR9iejkoXUCFsbtWUlOsro6Hg=
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Wed, 22 Jun 2022 16:41:01 GMT
server: AmazonS3
x-timer: S1687367020.955904,VS0,VE196
etag: "43475baefda33982402981c7219b0cd3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 24 KB
24 KB 55ms
54ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7f77ce3afcb4d662f955397388eb2730b542b7b83cbe6b68f09492167eaa8f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 189676
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 24750
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 19 KB
19 KB 56ms
54ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 90616dca7ae72d7c64b6cfe5565724c1d2c220a7cca6f91b31ba69ed8e1583a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 172753
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 19072
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 18 KB
18 KB 57ms
55ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 190658
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 18710
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 21 KB
22 KB 57ms
56ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1b0678babb056e8db180aac278ce7d4af6ea8a4616421b0c71e92b6e87266986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 169649
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 21870
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 15 KB
15 KB 59ms
58ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 157332
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 15166
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 15 KB
15 KB 60ms
59ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 141166
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 15134
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 marco.png
www.correiodopovo.com.br/image/policy:1.840399:1655313550/ 9 KB
9 KB 64ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.840399:1655313550/marco.png?f=1x1&q=0.9&w=360&$p$f$q$w=564aff4
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ec0be287a1c00dfa85378c4066214e1c2992e22352cb4f8e070f68d5724efde1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 57394
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 8924
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 paulomendes@300x.png
www.correiodopovo.com.br/image/policy:1.1017039:1681409447/ 19 KB
19 KB 64ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1017039:1681409447/paulomendes@300x.png?f=1x1&q=0.9&w=360&$p$f$q$w=ffbcc07
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 2d831179e0be4bd6ada01e86ef55713e6ed07b99537328c0b8936233004f1762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 190626
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 19452
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 18 KB
18 KB 68ms
68ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 176614
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 18416
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 17 KB
17 KB 70ms
69ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1153729ef4c4198a17c7dd7920e28939e62559e7806c94b7510627ed0cf3e5ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 164232
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 17388
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 21 KB
21 KB 71ms
70ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 194247
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 21096
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 95 KB
95 KB 64ms
63ms Font
application/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
content-length: 96896
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 354570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 14:34:09 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 23 KB
23 KB 71ms
71ms Font
application/x-font-woff 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

Referer: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
content-length: 23320
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 95 KB
95 KB 74ms
74ms Font
application/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
content-length: 97124
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 4 KB
4 KB 48ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 11381
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 3930
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 4 KB
5 KB 48ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6093fa05125a2ddaa0579896d3220cde2a3ae482ac434579b333be4eb6a76422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 42068
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4446
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 8 KB
8 KB 49ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 49818
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 8110
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 cf.png
www.correiodopovo.com.br/image/policy:1.794224:1648158777/ 9 KB
9 KB 49ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.794224:1648158777/cf.png?f=1x1&q=0.9&w=360&$p$f$q$w=b6632f3
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d8958ea091fd848175b17f574bc266a363fff00a0b6ab142725a4f515fb4a4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 92944
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9396
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 3 KB
4 KB 49ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a189a43e0708b32e11bf920a63842025eeb0f635bdd737c84be1a762d03d763c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 24799
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 3554
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 Transformac-o-do-Centro-Historico.jpeg
www.correiodopovo.com.br/image/policy:1.729728:1637844665/ 31 KB
31 KB 49ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.729728:1637844665/Transformac-o-do-Centro-Historico.jpeg?f=1x1&q=0.9&w=360&$p$f$q$w=11d3ae6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ca63afb0e71483df7df157ce614ab53be07a421d957e362af170af4a9ea2697a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 49474
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 31628
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 4 KB
5 KB 49ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1a0e5800bdc4bd7864e3657fa2f1b6637e8174914a53cea8e758b0dee0d05016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 28419
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4456
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 planonovo.png
www.correiodopovo.com.br/image/policy:1.715324:1635529944/ 4 KB
5 KB 50ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.715324:1635529944/planonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=b69b39d
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 526c57a813d9dd1aeaf8df85aa6926eb71c5da577bad5543643741ae28ef2a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 31904
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4452
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 3 KB
4 KB 50ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 8640
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 3468
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 4 KB
4 KB 50ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 24813
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4240
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 4 KB
4 KB 50ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3416dbdb9c0ca2a9d8bce8f2efd97617262481e95bf18fc2b069b5eef79792f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 41706
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4160
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 4 KB
4 KB 50ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 26579
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4220
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 5 KB
6 KB 50ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 40778
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 5496
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 4 KB
4 KB 51ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 33055
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 4332
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 12 KB
12 KB 51ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 34768
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 12048
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 WhatsApp%20Image%202023-06-18%20at%2018.45.43.jpeg
www.correiodopovo.com.br/image/policy:1.1050739:1687285777/ 15 KB
15 KB 52ms
45ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1050739:1687285777/WhatsApp%20Image%202023-06-18%20at%2018.45.43.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=a3a311f&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 720a5408fbc633873e7822becb9358ac24dbf644a9e10f6be4d930d962e35e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 15448
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 the-flash-2.jpeg
www.correiodopovo.com.br/image/policy:1.1047728:1686773765/ 15 KB
15 KB 53ms
46ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1047728:1686773765/the-flash-2.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=94f22aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: dbfe96d32f1d35aad0632a2c6798aa25bbe710a71bd615fc29b94c04a9bf70b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 14936
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 000_33J76LZ.jpg
www.correiodopovo.com.br/image/policy:1.1046550:1686596416/ 10 KB
10 KB 54ms
48ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1046550:1686596416/000_33J76LZ.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=c7d2d5d&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4c08d3cc821d5186822c4c4584a9fdcbbec527695b9d1d39c256b3300d68fbd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9784
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 taylor-swift-the-eras-tour-foto-kevin-winter-getty-images.jpg
www.correiodopovo.com.br/image/policy:1.1043379:1685983348/ 9 KB
10 KB 58ms
51ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1043379:1685983348/taylor-swift-the-eras-tour-foto-kevin-winter-getty-images.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=25cfdda&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3887f5e40b9d2a67b3af5a179b406684e53554ef953b4a288214e18ccc17415d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9584
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 %23MANIFESTACAOFA05.jpg
www.correiodopovo.com.br/image/policy:1.1042278:1685728773/ 23 KB
23 KB 59ms
52ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1042278:1685728773/%23MANIFESTACAOFA05.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=b0c77e4&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b17ff8804a6e516a0ac8a75918b6a5d3a8145c39ce0d9fc5b759076c6b81aa15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 23072
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 PRESIDENTEEMATER_MAIL01.jpg
www.correiodopovo.com.br/image/policy:1.1021952:1682348833/ 9 KB
9 KB 61ms
54ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1021952:1682348833/PRESIDENTEEMATER_MAIL01.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=55d4282&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d0a482c4012f74c5d80d9a17fd4ca6d0c1d5f924994920167d754285e5c63f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 8780
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 alexandre_MAIL01.jpg
www.correiodopovo.com.br/image/policy:1.903277:1665161511/ 9 KB
10 KB 63ms
57ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.903277:1665161511/alexandre_MAIL01.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=9952a50&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7e203cb6d4f4fefab123da73d0a7baf1947a9606badca5ead2896046c6342892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
server: Azion IMS
x-original-image-size: 2027
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9610
expires: Fri, 21 Jul 2023 17:03:39 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ 252 KB
87 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea50ecdeae6bf31e52884b6fa50a910698276fbe02cfeffc3394723c554bbd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88497
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:05:21 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c498f811bc404171ad11779e3c81f2da26f27b0e1179b1544c1487030b16e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 capajornal.aspx Show response
portal.correiodopovo.com.br/includes/input/ Frame AEA7 224 B
329 B 567ms
470ms Document
text/html 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 66808bbe532e7ca8171cbbde461f786328063374cd61f0b9f79fb7d815dcf96a

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=493
content-length: 224
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:39 GMT
expires: Wed, 21 Jun 2023 17:11:53 GMT
last-modified: Wed, 21 Jun 2023 16:41:53 GMT
server: Microsoft-IIS/10.0
vary: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 index.php Show response
stg.truvidplayer.com/ 974 B
756 B 325ms
270ms Script
text/html 18.164.52.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=614897604267088.4
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-38.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: ae1bf4ee157784b1a1c097f508d4f3127835ccc0c310bce913e6e6f5fa61e215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
via: 1.1 c1b64e986e19699994a84686a601b624.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: vkteTR35Xl-0hzCFN0UxYOgHc_efSU0ISGZBs47ie3fQWe2jpYjzLA==

GET
H/1.1 200 1 Show response
paywall.correiodopovo.com.br/wid/script/ 376 B
546 B 416ms
140ms Script
text/plain 54.82.20.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/&is_visitor=true&is_freemium=true&is_customer=true
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.20.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-20-194.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 376
Content-Type: text/plain;charset=UTF-8

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 prebid_alright.js Show response
tagmanager.alright.network/ 388 KB
128 KB 9ms
9ms Script
application/javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.alright.network/prebid_alright.js
Requested by: Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/manager/js/container_X2WNYyk5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c53f12aeb4806782ab7903f42911bc63205cf2680f8d449d34f5ab27c2a920e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:54:08 GMT
content-encoding: gzip
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified: Tue, 23 May 2023 04:07:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 572
x-amz-server-side-encryption: AES256
etag: W/"fe704b07dccdc233604539cb8c6ccb26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vyGW_hraAzthSDpmkzn461qvKDGOyscKXUyCRbeM8D_cbNuw3TuDGQ==

GET
H3 200 client:platform.js Show response
apis.google.com/js/ 57 KB
22 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a0706eec31da34bd5291706e124ebc199fb2e4251a09969aacf7804b5dd57b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "4f57253c01768234"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5378cdcad7b920a5ab73d5bf1ccf7b764042c37f4c064367b352b3fe1f8c25b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:39 GMT
content-md5: SYqb+tW5yH5LSErMqweg8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: xpbtPZUZkCeVQDK1wskzr79P1FZQcv6AyMCDW2ecyGaZWRl5kXxSz5VqE1e814cBpdl9AASODTkT6Xe0ER+BUQ==
x-fb-trip-id: 1679558926
x-fb-content-md5: f2edc8932c57ace2bc89cb2a40dc220b
cross-origin-opener-policy: same-origin-allow-popups
etag: "ccab8aeaa818adbd78fbd3bfeff6b42c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:20:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 83ms
11ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:40 GMT
Content-Encoding: gzip
Age: 538
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67F3)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 p.gif
www.correiodopovo.com.br/logger/ 43 B
179 B 20ms
19ms Image
image/gif 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/logger/p.gif?d=/2.200
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

v: 5
date: Wed, 21 Jun 2023 17:03:39 GMT
cache-control: max-age=900
content-type: image/gif
server: nginx/1.18.0 (Ubuntu)
content-length: 43
expires: Wed, 21 Jun 2023 17:18:39 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 71ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 15:14:03 GMT
content-encoding: gzip
via: 1.1 google
age: 6577
x-guploader-uploadid: ADPycduawubV_HlUoDbCckg7VGXOwSPg6BgUkTBO_ZU_TG3JIsn_jNL7oZWkFmMju5T1AcBacHLCHDukji3nJUx3eE7tQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21236
last-modified: Tue, 11 Apr 2023 17:26:14 GMT
server: nginx/1.8.1
etag: "8d242bfc70276e9b827cbc9217e0fe74"
vary: Accept-Encoding
x-goog-generation: 1681233974827693
x-goog-hash: md5=jSQr/HAnbpuCfLySF+D+dA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21236
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:14:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
41 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=undefined

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/10102/correiodopovo.com.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

135841655f013ed61767c437a8438d9f7fef29b2e02e0eff79bc4654cb7f64b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41387
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:39 GMT

GET
H2 200 api.gif
tags.denakop.com/ 0
313 B 127ms
125ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367019966&cb=0.2849577429390111

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd382ef9039df-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 8644 566 B
812 B 45ms
18ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

074fe02ec73f484a3074bbbbd6f1b9070e6c417a6581ae0c78dad7d53c3f3b68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vY9ZXNQ_DQ2IxIcF3ZGTdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vY9ZXNQ_DQ2IxIcF3ZGTdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ 356 KB
119 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&bust=31075473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eed756af030ebd723f79b9b3e1635942a0c4453c3df08f0dee7cf2019c35f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122033
x-xss-protection: 0
server: cafe
etag: 11573739528738365300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/ Frame 6514 10 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 21:26:01 GMT
etag: 15057649708203361565
expires: Tue, 04 Jul 2023 21:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ 734 B
509 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

778743466decd47a6ae1d0a4e85bfffd3ba15d4794ef23f391bc19b3d0b03178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 16:55:54 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame D402 2 KB
1 KB 49ms
43ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d499f8833c3ce273cb3c3b7403493b47c7b5b1e765c3a41487fca788bd0ce64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="youtube_main"
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051204:1687359408/ 63 KB
63 KB 26ms
20ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051204:1687359408/.jpg?f=3x2&$p$f=3d7bc82&w=1200&$w=9c05b01
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 869420f6c1c1b9386f2f692672336e1acd633cf38f595750ef02b6976bc401c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 68937
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 64706
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051242:1687362910/ 34 KB
35 KB 28ms
22ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051242:1687362910/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 99ee3282868206b580da240fd53a08fc61397d8bffa93a011286071791d08bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 35676
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 35298
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051070:1687346720/ 33 KB
34 KB 29ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051070:1687346720/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d6a1eeeb676341ec776da6ddcb440fb7609605304c10323e4cef2c2ff30f37bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 33356
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 34202
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 417024.JPG
www.correiodopovo.com.br/image/policy:3.181541:1607806820/ 25 KB
25 KB 31ms
25ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:3.181541:1607806820/417024.JPG?f=1x2&$p$f=b7ce549&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d4f83f55f617fa865a7c70118da3068a1ae9c27b185fa951c5d0d3b572fdc6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 27247
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 25598
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051083:1687348150/ 30 KB
30 KB 32ms
26ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051083:1687348150/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5056ba26d0ea336346d69aa980999165d9463faec9fe3b0643ee3ba7dbbb28c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 32138
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 30636
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.975719:1687361247/ 21 KB
21 KB 33ms
27ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.975719:1687361247/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 61ab59c913f7d6b1115009318e1a4d13c633148abf5c9f29f12934e21dc573fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 26864
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 21768
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051197:1687358812/ 16 KB
16 KB 49ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051197:1687358812/.jpg?f=3x2&$p$f=3d7bc82&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a9b6b360a4a4082d3c2e0f46fb72e6c7e25b65c5a64de12bf2da4ff54e603467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 17286
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 16166
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1051127:1687352784/ 7 KB
8 KB 50ms
44ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051127:1687352784/.jpg?f=3x2&$p$f=3d7bc82&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 04811388d3106d5a673727b66bfdd4e7648a17812338d6459455428b52dddc41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 10244
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 7650
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 Caca-Carvalho.jpg
www.correiodopovo.com.br/image/policy:1.1050864:1687295743/ 12 KB
12 KB 50ms
45ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1050864:1687295743/Caca-Carvalho.jpg?f=3x2&$p$f=87975ec&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1f864616ae1b904251fc93ace9454e4578ec903d94b3c7cdc3d303a8273d84f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 13599
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 12250
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .png
www.correiodopovo.com.br/image/policy:1.1051068:1687346253/ 9 KB
9 KB 53ms
48ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1051068:1687346253/.png?f=3x2&$p$f=e3f19ff&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d62add71db97d1781ed9a2886c8919590c6a785d5e666757fb3e76cbcef2f43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 199785
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 9006
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1047042:1686677623/ 27 KB
27 KB 54ms
49ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1047042:1686677623/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b00491a19beeb528b083a3e42f9aa3e4443f799f4dda08307ed03d95c23216c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 28757
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 27716
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .JPG
www.correiodopovo.com.br/image/policy:1.1041551:1685624719/ 10 KB
10 KB 57ms
52ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1041551:1685624719/.JPG?f=1x2&$p$f=f7fc437&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d4f2f7c03ea64cf3b86b0838dd4677e3fb3b6aa573cbb57024e68ec0dba758e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 14364
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 10538
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1040536:1685463242/ 27 KB
28 KB 58ms
53ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1040536:1685463242/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6880cde99cda177d75b14cde4beef0fa9101f3f970bb69aff92b0940972662f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 31113
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 28118
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.863375:1659027719/ 16 KB
16 KB 60ms
55ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.863375:1659027719/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: bb2c0dbef3ae661b3cbd35fb9cc549ab8344fda2506ddbbf64a964f05b4cc9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 22523
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 16482
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1034432:1684420154/ 30 KB
30 KB 60ms
56ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1034432:1684420154/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0abf450a9add4756c42b6da8084f963afd5fe4cb4f2c6f34743ca5be7bb2e3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 32190
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 30370
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1042353:1685735783/ 30 KB
30 KB 62ms
57ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1042353:1685735783/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b9f5e056433e164037529c2fcbee837f7c02cabb05da79ba6074d2652da143bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 31589
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 30850
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1040668:1685475404/ 23 KB
23 KB 63ms
59ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1040668:1685475404/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 903a3e2adc8fbc98f06e44384eacfade5967c43376397fb2efc9a7dff9dcdd93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 27598
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 23714
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1030117:1683736184/ 27 KB
27 KB 63ms
60ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1030117:1683736184/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7eb658ea2a6b25f8b93dab28d1230ddcbf34d51382a0365c86c7c293d1b5a111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 30786
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 27774
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.1025167:1682891520/ 27 KB
27 KB 67ms
63ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1025167:1682891520/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: df535666d20fc7234eb96b579c5aa70010492b5e220c55b45692ed60d38dfabf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 29042
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 27422
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 Fiat.jpg
www.correiodopovo.com.br/image/policy:1.997053:1678209172/ 44 KB
45 KB 68ms
64ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.997053:1678209172/Fiat.jpg?f=1x2&$p$f=2f1e5d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b14cb8c4ff88ad4dea08a32f8616c41851cd076aad9dd146cfb886cd803c3f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 41916
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 45436
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .png
www.correiodopovo.com.br/image/policy:1.1049274:1686970324/ 33 KB
33 KB 68ms
65ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1049274:1686970324/.png?f=1x2&$p$f=9e999c1&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c9376b2125484f8070da81334a1b302bc2385e58401716c04bf8c1304a8c6e51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 439121
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 33856
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .png
www.correiodopovo.com.br/image/policy:1.1049281:1686974351/ 33 KB
33 KB 68ms
66ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1049281:1686974351/.png?f=1x2&$p$f=9e999c1&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3506f53e87793153fed1feeea3b99c5aac1fcc390a005fa9e0fd7b046acb6d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 558285
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 33536
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .png
www.correiodopovo.com.br/image/policy:1.1049279:1686973861/ 30 KB
30 KB 69ms
66ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1049279:1686973861/.png?f=1x2&$p$f=9e999c1&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 9bf949a6c0d150c592420aa355b8e4ce66705cdb2e5d4e8084fcc8c0ea6db44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 500871
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 30430
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 .PNG
www.correiodopovo.com.br/image/policy:1.1049109:1686951370/ 20 KB
20 KB 70ms
68ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.1049109:1686951370/.PNG?f=1x2&$p$f=cb9f76d&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: fcec4e2c905c1cae1550f5cccbdf6531de48ef2fe09c2876d3d09fb543825df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
server: Azion IMS
x-original-image-size: 272261
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 20080
expires: Fri, 21 Jul 2023 17:03:40 GMT

GET
H2 200 329022_2819.js Show response
receiver.posclick.dinamize.com/forms/js/ 90 KB
25 KB 359ms
112ms Script
text/javascript 3.23.208.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software: Dinamize-PcReceiver /
Resource Hash: 81f4d7f296252bd5b876a86fc6208af36b36343540f2baac1a6f345b947cc9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:05:37 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 17:05:37 GMT
server: Dinamize-PcReceiver
etag: 2023-06-07 14:41:38.094131093 -0300 -03 m=+1922088.326784432
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 24905

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebfc176d185cf573669ebc639112b7597f935f87fa9609a7456ac5b6207b7752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2 200 23925 Show response
tag.navdmp.com/u/ 584 B
540 B 469ms
469ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/23925
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 860638066f3fe8743863f7392a3de265a2e96519f8a0109cf79c4558feabb589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 26 May 2023 13:05:29 GMT
server: cloudflare
etag: W/"6470ae99-248"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7dadd383bef7bbd1-FRA
expires: Wed, 21 Jun 2023 18:03:40 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
126 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1559
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 16:37:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 902 B
432 B 63ms
42ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8018bdabb6b50a867ae921b22dedde1b24969f1308fa65f4600bbfac1368d1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H3 200 204496277643064 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 20ms
17ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/204496277643064?v=2.9.108&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a821f5692e1660be62ea9036c3f5c8f5af9ee727dfd73b00c0d308e2b975f28a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Jun 2023 17:03:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87919
x-xss-protection: 0
pragma: public
x-fb-debug: paLRyextXEVwpTj/EkJ3mNI4m7nyRAohEKYdEtpyF0vZGRO2OYx393lfVyB/Z6zJ+/QQqf+okmq7l/CfbyWOiQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame 8644 0
249 B 26ms
23ms Other
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-_8hrh-y0m9S7fh-1RQShCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-_8hrh-y0m9S7fh-1RQShCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3698212825-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 8644 12 KB
6 KB 50ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3698212825-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5184
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 00:13:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 01:13:41 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 8644 18 KB
7 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d80a7a909a4a7342f71a54de2d95e04472d3ec71ad08e7bfea4634d8cd616fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "317f2053b163ca94"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
13ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 15:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7139
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 21 Jun 2023 17:04:41 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 48ms
40ms Image
text/plain 13.249.9.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=22153319&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687367020161&ns_c=UTF-8&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c8=Correio%20do%20Povo&c9=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-34.cdg53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
via: 1.1 ef76486b8b2194781e7708296c3d455c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: iGWA8IBAunvScFmXiO7Mon7d3jKxhCNPBUEMQ3HHyK2nKEh41mz0WQ==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 47ms
40ms Image
text/plain 13.249.9.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687367020162&ns_c=UTF-8&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c8=Correio%20do%20Povo&c9=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-34.cdg53.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
via: 1.1 ef76486b8b2194781e7708296c3d455c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: 7b8ifnQWwSriDuILXfWPo0yWq1H8MZVsYrzlSnv7yRB4XldILGv1Ww==
x-cache: Miss from cloudfront

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame D402 38 KB
6 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 07:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 07:52:42 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame D402 252 KB
72 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 21:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 21:39:48 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 43ms
19ms XHR
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230621

Requested by

Host: tagmanager.alright.network
URL: https://tagmanager.alright.network/prebid_alright.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

66ffd086d029804d4cf280283f4f9205ecb4f92664edae096a59bc16151a83e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 17:03:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3776
x-jsd-version: 1.0.1727
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 884
x-served-by: cache-fra-eddf8230137-FRA
x-jsd-version-type: version
etag: W/"63e-DbtfHJ5rcsoapk/n1SLOHDEsdC4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 23ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=778d486ce8428b3c8cfda6a00124778a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e10903b1e36b3713d8272128121e7453439c89947befd7869b479b3090990ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:40 GMT
content-md5: Tkv0MVFnHAZi4Fs3o6rrdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87248
x-fb-debug: 8bPmpDbXicx/zg7bSUp6wN077tutxvClbSHKvNarTBKwaN/nvP7j1hYyhbfJDga4MCxame+bwye0lyQFzkkfjQ==
x-fb-content-md5: 11c0c4e7da42e3f8fb47d6a987c16106
cross-origin-opener-policy: same-origin-allow-popups
etag: "f6c62b01d994a24537ea1f0e6ae23129"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 20 Jun 2024 15:40:06 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/ 197 KB
61 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce64739515c1fb2b75b61cce955a1843453d21819cf66f3a05e1d3771103994f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62565
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jun 2024 16:41:30 GMT

GET
H2 200 p-110f01f1.js Show response
assets.r7.com/cda-partners-bar/cda-partners-bar/ 9 KB
4 KB 283ms
281ms Script
application/x-javascript 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/p-110f01f1.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ab549b2a17aa136e9e241ee47e6458b61b43317c253c8e4f8eb4c123be533d45

Request headers

Referer: https://assets.r7.com/cda-partners-bar/cda-partners-bar/cda-partners-bar.esm.js
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 14:23:45 GMT
server: AkamaiNetStorage
etag: "771dba83acd8382258d9abce99720f02:1686666225.712287"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4249

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 160 B
630 B 71ms
17ms Script
application/javascript 2600:9000:219c:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73db2a2a4d0933294f7188230306bea80ad011455f5f3a34127d33cbb43eb1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:40:54 GMT
via: 1.1 95a1a2515bcfe82199fde4e864c4e6f0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 1367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:48 GMT
server: AmazonS3
etag: "afb90b4e3022c802397d34b9f457500e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: To5jooQu4-AgRaMsQ1Nayn335bYVat6ypL8hCK9JRSbnFacbZ1lp1g==

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ 64 KB
22 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea21c6f10bb7f3d4eb1f37a72c11dd739323cc93da215d62294ae91f6be667c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 15:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22973
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 15:20:18 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 5A44 320 KB
104 KB 10ms
9ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4649479
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:40 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 24ms
23ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/d51d4asv1d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
last-modified: Wed, 21 Jun 2023 10:42:04 GMT
etag: W/"0x8DB72442727BA34"
vary: Accept-Encoding
x-azure-ref: 20230621T170340Z-90pgggfb515mpcnyww6w7pzqtn00000001yg00000000mgk4
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: aa156455-901e-006b-8032-a4a92f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 load.js Show response
pm-widget.taboola.com/correiodopovo/ 3 KB
2 KB 170ms
168ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/correiodopovo/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c25b59c4c4973bdae51c5c45f4eacd8405791890b322db5d7b23cc382136607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 1zLefM8oGSQAw_r99Zxoj_.etGjP.aNT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Jun 2023 17:03:40 GMT
x-amz-request-id: KFWVB5FQWD1RQ9GP
age: 0
x-cache: HIT, HIT
content-length: 1241
x-amz-id-2: Anp8tIlECWu+jGu14gcMXw+GSUyqdkBWxX52eqmYeFj7kFRR+PfbIxVeSYL1K/I7sOIRfGOc+UU=
x-served-by: cache-bur-kbur8200143-BUR, cache-fra-eddf8230110-FRA
last-modified: Wed, 03 May 2023 03:51:21 GMT
server: AmazonS3
x-timer: S1687367020.267554,VS0,VE159
etag: "fe97876ce9ff1ddead775b1afa01f004"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 181, 1

GET
H2 200 impl.20230620-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 771 KB
161 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3d7a16ff1ffd8d8507acd6f1ac3f27609a4e979b0a8e37474d3e0ba43e20fe3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: ZgMZwlQiW6LSq3TjoVB1yW6AN6RToRu0
content-encoding: br
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:40 GMT
x-amz-request-id: CV1VQFS8862X8K9D
age: 27642
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 163991
x-amz-id-2: 14cZpG378S3DCmmvlQsPEHtKNw+0pQFoHm8XWLxP255NXWb4DsZNw0OGCtkdDE2mLpDw+/1xROs=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 09:22:57 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687367020.267620,VS0,VE0
etag: "fd6dea8d7a047382b08a9c2a433a2c8f"
vary: Accept-Encoding
content-type: application/javascript
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 73693

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 43ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=45je36e2&_p=792804722&cid=246229871.1687367020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&ngs=1&_s=1&sid=1687367020&sct=1&seg=0&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 37ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=45je36e2&_p=792804722&cid=246229871.1687367020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&ngs=1&_s=2&sid=1687367020&sct=1&seg=0&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&en=correio_do_povo_digital&_c=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame D402 156 B
179 B 8ms
7ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 21:20:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 330212
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 21:20:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&rl=&if=false&ts=1687367020392&sw=1600&sh=1200&v=2.9.108&r=stable&ec=0&o=30&fbp=fb.2.1687367020391.1732682851&it=1687367020133&coo=false&rqm=GET

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 17:03:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
610 B 44ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&bust=31075473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47058153a2f8a8a2d3da8b5dc17505dae3e324cfdfbb8a9f9fa7e5f4a0e3675d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 41ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1324 0
188 B 220ms
219ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1687367020&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A144%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_r&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687367020038&bpp=5&bdt=663&idt=363&shv=r20230615&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=836355340348&frm=20&pv=2&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31075054%2C31075473%2C44788442%2C44794790%2C44789818&oid=2&pvsid=227302566722832&tmod=501397093&uas=0&nvt=1&fsapi=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Wed, 21 Jun 2023 17:03:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 565ms
565ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2Csuperbanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=2&adks=412799113&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020480&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=315&adys=159&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=1600x12&msz=1600x0&fws=4&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e799e3d850442c21ae62a2fe65ddc330b72cd8aa3dab8202c5c60214f0f6508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9349
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 1123ms
1121ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CSuperBanner_Meio&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=3&adks=2943123587&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020485&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=315&adys=2181&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=1600x12&msz=1600x0&fws=4&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efc99f83529377390af3004d4aa5412cff3f99555c0da889e3eb630dc7cd3cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9436
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
19 KB 47ms
46ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CPatrocinio&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x50%7C200x100&ifi=4&adks=1969578964&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020487&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=1170&adys=2913&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=200x0&msz=200x0&fws=4&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b5162d6b97f345cfd804465e4d14daca858a512cb22798fbed634db82418203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19617
x-xss-protection: 0
google-lineitem-id: 6318182837
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138435727090
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
14 KB 825ms
823ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CRetanguloMedio-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&adks=2968740229&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020489&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=1052&adys=3118&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=336x-1&msz=300x-1&fws=4&ohw=336&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5ba6fdd40939b546a38f51e99f0ecbe52e17d7a42145d785bb4269944106b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14131
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 555 B
300 B 45ms
44ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CPatrocinio-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x50%7C200x100&ifi=6&adks=1128816695&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020491&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=1170&adys=3817&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=200x0&msz=200x0&fws=4&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ac0a03182f70ef699b787b11078f3f979c6cea50fa6abe991e7d2d211ff2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 269ms
267ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CSkybanner&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=7&adks=3945090781&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687367020494&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=1040&adys=9481&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=360x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4aceed15e5c98c51b7cd1dbb17f43bd78f32f6062129b018e7112ce516787d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10545
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 555 B
306 B 48ms
46ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3241598438892328&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CInterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=949x600%7C400x250&ifi=8&adks=1560352328&sfv=1-0-40&prev_scp=editoria%3Dhome%26tags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1687367020497&lmt=1687367020&dlt=1687367019376&idt=1063&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0bf64f7b623f300ce7265268576d2f3f2b2a82ead5fcf44f6fe67d227b5ce2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDC1 6 KB
3 KB 458ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5A44 869 B
658 B 533ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=11a851cc351bae9beb9b32bcb4da81e5d80b208b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 21 Jun 2023 17:03:41 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: c0b87db02a3e92ea
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: cb37be942f48f60f1a6c565308c958f641e04a5275917941723b856c969d024e
content-length: 337

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 4601 118 KB
35 KB 419ms
12ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1687367020.cds231.fr8.hn,1687367020.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 3A3F 118 KB
35 KB 423ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1687367020.cds231.fr8.hn,1687367020.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
517 B 422ms
22ms Image
image/gif 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:40 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367020856098-508
Expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=210804831.56902011584974117.6073086
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=210804831.56902011584974117.6073086
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b2e4395-99bc-4397-9f27-8596723f56e1
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=1b2e4395-99bc-4397-9f27-8596723f56e1
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4fbe391c-3659-4cd5-8f79-ce22ae5e9f59&user_group=1&ssp=vidoomy&bsw_param=1b2e4395-99bc-4397-9f27-8596723f56e1
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b2e4395-99bc-4397-9f27-8596723f56e1

43 B
650 B

461ms
35ms

Image
image/gif

212.36.83.208
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b2e4395-99bc-4397-9f27-8596723f56e1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Server: 212.36.83.208 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:42 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=1b2e4395-99bc-4397-9f27-8596723f56e1
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 410ms
10ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
271 B 402ms
15ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166090&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:40 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 17 KB
9 KB 549ms
165ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

77e817bc81e702b3af53fa6396d18fe393df867311dbcb3397292740b7145bea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 21 Jun 2023 17:03:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a07df7fe-e6f2-4d77-ab8a-95386fcecfec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 506ms
122ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 503ms
120ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 583ms
199ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 491ms
108ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 488ms
105ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
833 B 398ms
17ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=99f0bf0d-3618-47f0-8520-64876f68c380&l_pb_bid_id=36c0e194d015212&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08901458664210171
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a4d83f264f7c649b9353ba356a05f44ea4f5b9f2217a771eaf21c6f5e10a3213

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
600 B 433ms
52ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=eaf8b905-17cd-4c3c-acad-564313da65a8&l_pb_bid_id=37071d398aa032d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21961763385275046
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 25c67ca4bf3665e14bcab7025dece229da5cbfaec9dd8fde9f1db8ccdf56b329

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
600 B 399ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=f2fe0da8-5407-4705-9e41-3016cec7d7eb&l_pb_bid_id=3853bb09288f8f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4065200420460644
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 618b4922f965f69c26739e71c987ba027cfc607411dd74c2b0f0ccd53ad7bff1

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
601 B 400ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=8db858af-bd29-4b2e-9c38-a5b02689bacb&l_pb_bid_id=397c855c50468d6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6447524973904781
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ec42b120fd452ff1de08eb3bbe9eaa8cc689b35d9a49725b9fe8db1c16c1900e

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
600 B 400ms
20ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=98c847b2-508e-4bfc-bcf4-d315c89a679f&l_pb_bid_id=40137396789ba9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7503430904068285
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87da683c9f06bca4c76b4b9152ce4bab044a03abf5a2bdb2121d27146c568d1a

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame 8644 63 KB
22 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 02:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22866
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 02:07:21 GMT

GET
H/1.1 200
OK 16873074784431_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/16087/up/ Frame AEA7 181 KB
182 KB 927ms
100ms Image
image/jpeg 3.232.160.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digital2.correiodopovo.com.br/files/flip/CPOVO/16087/up/16873074784431_normal.jpg
Requested by: Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-160-141.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8bd2084f293973ae7aaa88c9a7176721f28ec814551a10e1208b196c2cfd5d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: public
Date: Wed, 21 Jun 2023 17:03:41 GMT
Last-Modified: Wed, 21 Jun 2023 00:42:43 GMT
Server: Apache-Coyote/1.1
ETag: 16873074784431_normal.jpg_185558_1687308163000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public; max-age=31536000
Content-Disposition: inline; filename=16873074784431_normal.jpg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 185558
Expires: Sat, 08 Jul 2023 17:44:10 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame D402 136 KB
45 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281ff524d25faadc640852c299a49d97a38a84d14e8caaa3be48018f09d20d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46508
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 01:13:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 15ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=792804722&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=468632602&gjid=297057274&cid=246229871.1687367020&tid=UA-4083550-1&_gid=2032037943.1687367021&_r=1&_slc=1&gtm=45He36e2n71MFKL3B&did=i5iSjo&z=715770548

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 132 B
327 B 41ms
17ms Script
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=840228481233099611&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 627e2285e82e57d1ec9fcbbdf5935bf49cad56b2c3dc277c4fa49ac4246df1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230110-FRA
tbl-x-upstream: 10.44.137.232:8080
date: Wed, 21 Jun 2023 17:03:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1687367021.631862,VS0,VE9
x-cache: MISS
content-type: application/json;charset=UTF-8
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 3680.js Show response
go.trvdp.com/init/ 6 KB
6 KB 356ms
21ms Script
binary/octet-stream 18.155.129.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/3680.js?pid=2617
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=614897604267088.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-99.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7cec5c8a3656d674590fc4ba0ac008a2b39b4f9770f312ee7216383afb7e62e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:50:24 GMT
via: 1.1 307d3717e074a4d99213548a350ed11e.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:04:38 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 9601996
etag: "878d0456513915c1b2633e935a2a3974"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5844
x-amz-cf-id: hZ1cIIzYAIpYSlszQp_9bT5PVQK2xIAZSZB8XkuumOPZ7fychjxd7A==

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 5 KB
1 KB 105ms
105ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367019736
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 1edf4847ee858d0ab9cc84c0a3c4cc811bc738878a80c22f2b9032416a550dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:40 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel;r=1406012461;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-108555751-1687367020201;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d...
pixel.quantserve.com/ 35 B
371 B 32ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1406012461;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-108555751-1687367020201;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=correiodopovo.com.br;dst=0;et=1687367020619;tzo=0;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website;ses=8477ec63-c25a-47f5-8191-b87a08c1292c;mdl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=792804722&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=13irhbi&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=246229871.1687367020&tid=UA-4083550-1&_gid=2032037943.1687367021&gtm=45He36e2n71MFKL3B&did=i5iSjo&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fd51d4asv1d%2F1sv01d9%2F13irhbi&z=1922421412

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 00:25:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59887
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW

Requested by

Host: paywall.correiodopovo.com.br
URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/&is_visitor=true&is_freemium=true&is_customer=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62423fcbf2902860443224b71ae3875de3531863942d9e9a43beab56f1088b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a595181faeaf1543c3c96217ce69cc0c7c9b18a3bdd0e149c751efb76c7d2a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82949
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8601 0
0 48ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBrL69BWwSS0w0ZIXWL9alG0uEA98vVDzdfrq8sptye_fXtYQAGTGxLx9WsWrQqNmDT8BQ5whdnVyTwizPCQT_Oiv4yqawcd19PiOOjWAsA4lHFr1uK-4JkQTJ9m1YWDesB4QDNqzbny1l_Rajgw0hAQZKC-BMB8eM1aIHqw1BTryL9CMG_FEm0WyVuJDka3rVAeTfVKK9Dc4DfNNmwDa2_AJbXQ4KO3z6PYyLcE4wUQdw4RKaEGTpg2UQQzNEkOXHMLusoJb1qL7xNnkvN2jtqNwpI2rOMMJddTjfmz10GmGTc2hsXJY3j7rvPAkYS9sZzeqs5Si5bDP8YA&sai=AMfl-YRv_gXENshHrohhMMBeZvX8vqv7BVt2ligpUWgdyaKJuUOZIcxa9RjbMnC9pjgrQq1aTiloYNexo1E7rrWydEDm9PDeibbKHpC0Qohs0cM&sig=Cg0ArKJSzDiLTamO38KSEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 8601 22 KB
9 KB 271ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9004
x-xss-protection: 0
server: cafe
etag: 14649824622339250880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:16:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 8601 3 KB
1 KB 273ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8601 178 KB
56 KB 287ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2 200 10045661164033195996
tpc.googlesyndication.com/simgad/ Frame 8601 6 KB
6 KB 232ms
11ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10045661164033195996

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adf82705c87de97dcdf8ee3727786eda0b12927126ea40f1d4f3543d7f4a027f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:26:07 GMT
x-content-type-options: nosniff
age: 41853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6041
x-xss-protection: 0
last-modified: Wed, 25 May 2022 17:56:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 05:26:07 GMT

GET
H3 200 q-mqyVPJxlA Show response
www.youtube.com/embed/ Frame 05B0 75 KB
31 KB 73ms
66ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27cb6c85ecd21d9e45716579598ccae9012eb329c1560af6521eecede1286da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pmk-20220605.5.js Show response
pm-widget.taboola.com/correiodopovo/ 109 KB
30 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/correiodopovo/pmk-20220605.5.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/correiodopovo/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7af7fefc3934b71b876137907cf778644492452f5069c1f5234eaf8063966c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: xKMg_l9F09uvJAsG8GgFSMScmTDIcQ4S
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 21 Jun 2023 17:03:40 GMT
x-amz-request-id: 1HZMQPQT4CJZ5KHG
age: 1303406
x-cache: HIT, HIT
content-length: 30545
x-amz-id-2: xbSemZtj7cG9mv1H+L4uQmRVc8WPzN1VSNNYrXwzIhnFJ3bE0+uAcTejKP/PQRw+265iKqd3ZOk=
x-served-by: cache-bur-kbur8200145-BUR, cache-fra-eddf8230110-FRA
last-modified: Wed, 03 May 2023 03:51:20 GMT
server: AmazonS3
x-timer: S1687367021.758295,VS0,VE1
etag: "511562643ea308a992f5ce4aed292092"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 292, 1

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 193ms
13ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 194966
expires: 60

GET
H2 200 json Show response
trc.taboola.com/correiodopovo/trc/3/ 49 KB
14 KB 460ms
450ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/trc/3/json?tim=17%3A03%3A40.731&lti=deflated&data=%7B%22id%22%3A965%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687254870073%2C%22vi%22%3A1687367020729%2C%22cv%22%3A%2220230620-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11800%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2852.9375%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A8092.25%2C%22mw%22%3A336%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CMid%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%201x1%20Home%20Page%3Dthumbnails-d%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 27f9c09cc57b50d18cbdcad3a8ab7b507a8799f264bedb3c3865f7327309a310

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 442
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7585
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230110-FRA
server: nginx
x-timer: S1687367021.744429,VS0,VE442
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 8601 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7fe105df580cce96d45b9bc85002706eea3c7819da56f035cff5a4b47576c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 0
88 B 16ms
16ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=840228481233099611&page.template=home&page.dashboard=home
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230110-FRA
tbl-x-upstream: 10.44.136.3:8080
date: Wed, 21 Jun 2023 17:03:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1687367021.741399,VS0,VE9
x-cache: MISS
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 39ms
38ms Fetch
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=778d486ce8428b3c8cfda6a00124778a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 21 Jun 2023 17:03:40 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: fLR/oSQ/vmTBAA7h51l+QgAq9tmPM/o12hqt6x1yau5puW2822Ttkb3XvoSX4TPzlcn4zKg5YSTao1wC3YAI9Q==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
476 B 495ms
481ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=23925&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1d2a3344f33b8b08c24f13651c2fd7c9e5c0896b742aec9b038ac44edeaec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7dadd3891e15bbd1-FRA
expires: Wed, 21 Jun 2023 18:03:41 GMT

GET
H2 200 p-143b9248.entry.js Show response
assets.r7.com/cda-partners-bar/cda-partners-bar/ 5 KB
2 KB 286ms
285ms Script
application/x-javascript 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/p-143b9248.entry.js
Requested by: Host: assets.r7.com
URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/p-110f01f1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a5ee7407276e16d1bc10890859b4ec13be6352a5b0d868961cea0b9bfdd4964a

Request headers

Referer: https://www.correiodopovo.com.br/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 14:23:46 GMT
server: AkamaiNetStorage
etag: "2ec0298e01bc156f7f45d915b94dcc77:1686666226.076394"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2367

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
304 B 328ms
98ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Date: Wed, 21 Jun 2023 17:03:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEAF 6 KB
3 KB 40ms
18ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1B5D 0
18 B 8ms
8ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.correiodopovo.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 53ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4083550-1&cid=246229871.1687367020&jid=468632602&gjid=297057274&_gid=2032037943.1687367021&_u=YADAAEAAAAAAACAAI~&z=439904033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 23D4 624 B
245 B 51ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNW1WKZsZQNvFcnTKGF_juNMtW707K66KJwjhw_UezI6XzUmHwnCDmAkxWjJbDFnchr-SJ-VQmIEtItM2C_Yla4pk2u3Wxe07Yb2X-n0IV_g_w_5dEfGfY0M-u1ccxn7s740eJRtjknVX8Rgxh5jDJI833rcd4-x0zSccr_dS-BgiNflS6I

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:41 GMT
expires: Wed, 21 Jun 2023 17:03:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CEAF 78 KB
27 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEAF 42 B
63 B 45ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmX4UUV3MeA9zoPTDqZEbMghHMMABXEEvA1efjhOsxfujnPlpFQnT8VimX-Nr4p-8wMEStRj_sqAoE9fsP_mBJvCphaTbe5mQMXjJF5GWznfFqIZs

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEAF 0
20 B 45ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2923338633576929804&x=1&ct=77

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame CEAF 3 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame CEAF 19 KB
8 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEAF 178 KB
56 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:41 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
304 B 563ms
396ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Date: Wed, 21 Jun 2023 17:03:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 9A89 4 KB
2 KB 10ms
10ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Wed, 21 Jun 2023 17:03:41 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1687367021.cds231.fr8.hn,1687367021.cds288.fr8.c

GET
H2 200 ad Show response
v.lkqd.net/ Frame 4601 2 KB
2 KB 469ms
95ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=20926857&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: bdf181b1db70ad502993930ea4132877726262cbb063c357afdd7d5c0cfdb549

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1418

GET
H3 200 www-player.css
www.youtube.com/s/player/6ed0d907/ Frame 05B0 410 KB
48 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49278
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jun 2024 14:49:10 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/ Frame 05B0 308 KB
93 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94811
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jun 2024 16:53:19 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame 05B0 2 MB
746 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68c6f76784b3b53d018faab33edcc0f9a82c2e76ab042f00c253d3e75e2f74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 09:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763858
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jun 2024 09:41:17 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/ Frame 05B0 9 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jun 2024 14:11:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8601 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1OR4TGU7PMj6Mpgy47xcGVqf0pyFqjxWorp-i3YOMhy-WY5PKz_UveWSPhUswA4KALqWdWHBLeqDJQkCES-0w_8fjW7ajFQ-N4V75emN-pbQFXev7D3wRZhuV5dl6c4I9h6hPXNrQY5hnshffYj0glMoOiyJerVKnMTYTEFMWg4Y4TdYJwIUg7tXKL8-hZEr2cUlUx8jUpViaAL1IGM-Q2nQ__b57403jrnsHfJ1qD4pmWxvRqa4lR3yqh_2D-wsPNMG9_PjdGqy6k-LCT7sN0GoGSRVsXOHgZIKqd0LS_MmrlTCVO2EVUaboRiGGQvIh-4TbcDYKJ45vm453&sai=AMfl-YRwFDH-4htnPlykyd0dXse9lORTKLLMm9XmwbUwtoT4RYyTUjYxPy0Y50mRnRPhLVAS011ZPhaNnIfR2vFTpsoqs409s0Cy9hERW1JdArk&sig=Cg0ArKJSzN3d2rbb4x3pEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 111ms
107ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 retargetly_univ_2.js Show response
wfpscripts.webspectator.com/third_party/ 612 B
578 B 319ms
315ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 20:05:54 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "302fb998d90e2452d81370c4e03fa940"
x-cache-status: MISS
content-type: application/javascript
content-length: 394

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 19:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 19:23:21 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 215ms
211ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 216ms
212ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7C98116C35F24CEA&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1687367020618&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 13 B
356 B 108ms
105ms XHR
application/json 18.164.52.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=9436.534082188715&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.52.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-52-38.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: 4c4cf15138949e4aa75df8077642b14c35debd3700d2416f89a7bb4f98aab8a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
via: 1.1 c1b64e986e19699994a84686a601b624.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG50-P4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
x-amz-cf-id: HfeOewlaej91ArVjYVHyKQf4X5oOjQmWfIpA4GHhGFya2FJ96wFtLQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 64ms
35ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4083550-1&cid=246229871.1687367020&jid=468632602&_u=YADAAEAAAAAAACAAI~&z=1594451624

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 81ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4083550-1&cid=246229871.1687367020&jid=468632602&_u=YADAAEAAAAAAACAAI~&z=1594451624

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 23D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1

43 B
766 B

17ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNW1WKZsZQNvFcnTKGF_juNMtW707K66KJwjhw_UezI6XzUmHwnCDmAkxWjJbDFnchr-SJ-VQmIEtItM2C_Yla4pk2u3Wxe07Yb2X-n0IV_g_w_5dEfGfY0M-u1ccxn7s740eJRtjknVX8Rgxh5jDJI833rcd4-x0zSccr_dS-BgiNflS6I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 23D4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJMtbayDHAyZOxDyXo45vQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1

43 B
766 B

26ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNW1WKZsZQNvFcnTKGF_juNMtW707K66KJwjhw_UezI6XzUmHwnCDmAkxWjJbDFnchr-SJ-VQmIEtItM2C_Yla4pk2u3Wxe07Yb2X-n0IV_g_w_5dEfGfY0M-u1ccxn7s740eJRtjknVX8Rgxh5jDJI833rcd4-x0zSccr_dS-BgiNflS6I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELq5qgja1shQ1giEwqLjvwY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 23D4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBhfoPfRAB2fAtatu4p0w&google_cver=1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBhfoPfRAB2fAtatu4p0w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNW1WKZsZQNvFcnTKGF_juNMtW707K66KJwjhw_UezI6XzUmHwnCDmAkxWjJbDFnchr-SJ-VQmIEtItM2C_Yla4pk2u3Wxe07Yb2X-n0IV_g_w_5dEfGfY0M-u1ccxn7s740eJRtjknVX8Rgxh5jDJI833rcd4-x0zSccr_dS-BgiNflS6I

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:41 GMT
AN-X-Request-Uuid: 5f582edf-18d4-47c6-8039-fdd1acb61b05
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFgBhfoPfRAB2fAtatu4p0w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23D4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 17:03:41 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3ecedc40-9546-4ca2-8462-b81afc745724
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 76BC 4 KB
2 KB 10ms
10ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Wed, 21 Jun 2023 17:03:41 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1687367021.cds231.fr8.hn,1687367021.cds288.fr8.c

GET
H2 200 ad Show response
v.lkqd.net/ Frame 3A3F 180 B
361 B 352ms
93ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180143&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=39360971&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 ed.png
portal.correiodopovo.com.br/imagens/ 663 B
743 B 237ms
236ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/ed.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dbc5ba73705106055d8e9dba6660e92221f0c0420466770f49d39139259145f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:40 GMT
last-modified: Wed, 13 Jul 2022 12:32:00 GMT
server: Microsoft-IIS/10.0
etag: "0a0538cb496d81:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 663

GET
H2 200 fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/ 82 KB
82 KB 20ms
20ms Font
application/x-font-woff 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
content-length: 83760
expires: Fri, 21 Jul 2023 17:03:41 GMT

GET
H2 200 maislidas.json Show response
portal.correiodopovo.com.br/maislidas/ 1 KB
2 KB 744ms
245ms XHR
application/json 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.correiodopovo.com.br/maislidas/maislidas.json?202353173
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 Porto Alegre, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f4eb6a953c9d46684297105d831672bcc209864e48f21326f9214d2bd0a0487f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
last-modified: Wed, 21 Jun 2023 16:44:09 GMT
server: Microsoft-IIS/10.0
etag: W/"9d15b1995fa4d91:0"
x-powered-by: ASP.NET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1456

GET
H2 200 temperaturatopo Show response
www.correiodopovo.com.br/cmlink/ 240 B
324 B 20ms
20ms XHR
text/html 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ae0045ce4597701b918384c17402ad14e391fa44e44ea8f800d159d6aff62f96

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.correiodopovo.com.br/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

v: 5
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: max-age=900
content-encoding: gzip
content-type: text/html;charset=utf-8
server: nginx/1.18.0 (Ubuntu)
expires: Wed, 21 Jun 2023 17:18:41 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 37ms
15ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:29:51 GMT
content-encoding: gzip
age: 34430
x-guploader-uploadid: ADPycdstHGXsL_o9zHMbr5oJhWGWuuDoBoqHq7DccBEffLcDQfWnWYK6gRg1U5tGDKUCFHCR9yD6bnbwwVBlEQhmQtdZ-ywIdnJV
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Thu, 22 Jun 2023 07:29:51 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa8c315a3b679b533985404a3dc8fc45074947ff69d1dade73b3f978a9b539cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69991
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:44:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07c2b71790257b4f964b42e65ceacb4365d2cc26a22c191194c0dbaf89ff1a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75717
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:44:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aefeadb883dd6e961e6735adac512916b7a43934199587bd492bcdb87d58ae2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75746
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:44:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

389957fc7a6964eecce57b9744f86c39f176ddb960622a6b436636c7833bd5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75824
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dab6b7f1ee6fdf63279ca4d2f48e63b2f295af1ac7d73a59b1151b4244c52c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75867
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 139 KB
53 KB 31ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76822b21d8f8ffc353cc47cbdc6837f250a376a8e62c12334c12f1a2ebe3d18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54705
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VH600BGGZW&gtm=45je36e2&_p=792804722&cid=246229871.1687367020&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687367021&sct=1&seg=0&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 864C 6 KB
3 KB 10ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05B0 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:06:15 GMT
x-content-type-options: nosniff
age: 61046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 00:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05B0 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 342956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:47:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 130 KB
37 KB 461ms
460ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=2175184625316376&eid=31074824&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CRetanguloMedio-7%2CRetanguloMedio-8%2CRetanguloMedio-2%2CRetanguloMedio-3%2CRetanguloMedio-6&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C300x250&ifi=9&adks=3667820386%2C685387775%2C371154622%2C2589830175%2C376131427&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D3%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D4%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D5%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D4134fe1550871f4%26hb_bidder%3Dappnexus%26requested%3Dtrue&eri=1&sc=1&cookie=ID%3D3b95bde5d60261f9%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZe6TUSs-cKK-fpFfB3wOWOOxRPIw&gpic=UID%3D00000c57ac9caa65%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_ManznqMdxlw5uFRXZaKzM2CKDbmrQ&abxe=1&dt=1687367021452&lmt=1687367021&dlt=1687367019376&idt=1063&adxs=1034%2C1034%2C1034%2C1034%2C1034&adys=4456%2C4766%2C7324%2C7634%2C8679&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6%7C7%7C8%7C9%7C10&ucis=8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=336x-1%7C336x-1%7C336x-1%7C336x-1%7C336x-1&msz=336x-1%7C336x-1%7C336x-1%7C336x-1%7C336x-1&fws=4%2C4%2C4%2C4%2C4&ohw=336%2C336%2C336%2C336%2C336&psts=ABHeCvht1CMsxg9Xs4rejo81e91HTt8wx7sUR5sIlb3ubcd4KxUmtatzRWYW-pc9SwAWRz24Fg4FDeb4_uNi%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887337067e7a29d58372012281ba625ba389277c5a7427ac952beeda7455420d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38137
x-xss-protection: 0
google-lineitem-id: 5908474715,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379755314,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20230620-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 10ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230620-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef13b0253a986d36b9de961b9d657b6735fc409299b451d1e9a1454f66ce2fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: yQwZyXEurRH1ow5V_7vo0gyZObwynie6
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:41 GMT
x-amz-request-id: 3ZG8VZYP3TMVTA46
age: 110363
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: Yt9bEw8/pEbiJcQE4v7DtO8+TgdiK6Jj/Cf2yO/0powjqnA6rdIjVKaubf2uZ6/YgvdK72rPmmI=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 10:24:18 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687367022.510131,VS0,VE0
etag: "b7cdca876844e9766f1112d8bd36fb5d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 41003

GET
H2 200 distance-from-article.20230620-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 10ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230620-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 136a576886a9ae3b5d55278a3e69a1fcc0a2189dfbf77ec41787742f260e5526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: tiKXD9R.iV6EIW70tY.NUChNLGxA7YrV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:41 GMT
x-amz-request-id: KWZGY6QQHAPY2WXS
age: 110394
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1134
x-amz-id-2: GW6GuEFveKhOCgTmCOgQ04p1FF/C7YK4HcAXz//pc8GI2pu3XPdCEiim9Z5oSFDHijYBlmjHH6s=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 10:23:47 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687367022.510170,VS0,VE0
etag: "fbfd48aada1c3f9df380e1a033c23ef4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 174911

GET
H2 200 article-detection.20230620-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 10ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230620-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31c86114d8c9683bade57e627634f040284e99a601deb292b961108e5d831415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 4H3kMWXEvjq2NgzTAQGAVlKPfHF0V_uV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:41 GMT
x-amz-request-id: 6F24P33XX5KVX3ET
age: 110401
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1235
x-amz-id-2: AIWsF5zgNZPSAuzzPtiit7O76cUDqqzm/96NSiuc9KM4xnShKgtETESsnZ/yw+AmxKkQV7yqOVU=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 10:23:40 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687367022.510571,VS0,VE0
etag: "1f20295bd8365ddf48f735c926ff0cc2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 174883

GET
H2 200 ClanOT-Bold.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 96 KB
96 KB 21ms
21ms Font
application/octet-stream 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Bold.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7a7a28bf8c915d81305c6d44cbc36843ea3590864050bcca51f89792f74f631a

Request headers

Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
content-length: 98180
expires: Fri, 21 Jul 2023 17:03:41 GMT

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.4/ 109 KB
30 KB 9ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc96e861b10e641a1f75d6d2961482ff19608ba15156820ac4d5d4dd1c50067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 115067
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 30286
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 09:05:07 GMT
server: AmazonS3
x-timer: S1687367022.524401,VS0,VE0
etag: "704c096a01b26cf553a9347ba2a7344a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZS1Or45CWTagcXH5tLM63-OQMuRywR_AB4vXpt8OO4R31Up23J3F3w==
x-cache-hits: 535

POST
H2 204 abtests
am-trc-events.taboola.com/correiodopovo/log/3/ 0
252 B 134ms
15ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1687367021520%7D&tim=17%3A03%3A41.520&id=6622&llvl=2&ri=5baa504d49cd36e5a20168b6c9b81b17&sd=v2_c955b60c2e18fd990e3579ddc6613730_ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec_1687367020_1687367020_CIi3jgYQzeNHGLnhpfeNMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&pi=/&wi=-5703500169402860967&pt=home&vi=1687367020729&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2

200

B30043029.367713896;dc_pre=CNCEtP_r1P8CFdXrEQgd6UwGRw;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D...
ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_pre=CNCEtP_r1P8CFdXrEQgd6UwGRw;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_r...

42 B
118 B

38ms
37ms

Image
image/gif

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_pre=CNCEtP_r1P8CFdXrEQgd6UwGRw;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=correiodopovo.com.br

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N9037.2069703TABOOLA/B30043029.367713896;dc_pre=CNCEtP_r1P8CFdXrEQgd6UwGRw;dc_trk_aid=558732320;dc_trk_cid=192908634;ord=2023-06-21+17%3A03%3A41;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?;dc_ref=correiodopovo.com.br
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/correiodopovo/log/3/ 0
231 B 133ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=5baa504d49cd36e5a20168b6c9b81b17&sd=v2_c955b60c2e18fd990e3579ddc6613730_ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec_1687367020_1687367020_CIi3jgYQzeNHGLnhpfeNMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&pi=/&wi=-5703500169402860967&pt=home&vi=1687367020729&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1687367021501%7D&tim=17%3A03%3A41.501&id=6626&llvl=2&cv=20230620-6-RELEASE&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:30:05 GMT
x-content-type-options: nosniff
age: 398016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 02:30:05 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame 5634 222 KB
61 KB 57ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 21:05:41 GMT
age: 71880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jun 2024 21:05:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5634 15 KB
5 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 18:01:12 GMT
age: 82949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jun 2024 18:01:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5634 94 KB
28 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Jun 2023 20:51:54 GMT
age: 504707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Jun 2024 20:51:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5634 5 KB
2 KB 73ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 22:34:09 GMT
age: 66572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "fbb7a7837efaff21"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jun 2024 22:34:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 5634 40 KB
13 KB 73ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 17:52:34 GMT
age: 83467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Jun 2024 17:52:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5634 6 KB
802 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:40:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5634 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:01:03 GMT
x-content-type-options: nosniff
server: cafe
age: 79358
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:01:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5634 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 79192
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:03:49 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
244 B 122ms
122ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=e&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367021605&cb=0.6163064081763354&aa=intext&m=Auto%20placement%20container%20not%20found

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd38d1d559128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 914 B
1 KB 45ms
17ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1b2aa5f23507f3a82266786b7eff810083d957cd9cb6293aadd6b4647237ecec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 21 Jun 2023 17:03:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7a7d3faa-cfd3-4e37-8d34-f97e7a10ae92
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
271 B 44ms
15ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166090&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:41 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
318 B 19ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=38a98409-5329-4c71-b89d-bf4af3edf2a1&l_pb_bid_id=86b5b6694aa8dc8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3696006855148912
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 19ccc434efeea81dc7a8ec981c036cad9c15cf6844d66acf0ad59daa40b3ec91

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 50ms
49ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=d9a4122e-a0ee-4baf-aa88-c61b05439220&l_pb_bid_id=872cea747229ce4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8243979536565285
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4046f5e2f75866f0984159941d8021810ed94a3a183b86ac7f171a6b40cdba85

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 21ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=0726499e-e3ea-4b2d-b856-1e8e5d36e262&l_pb_bid_id=881170711058411&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6575861153001958
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e806b89824c1ecfbf38c5d0bf9b01b1b49e5dadbd9aac34bb678e2514a7f107f

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 20ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=2153e45e-66b8-4400-b9b1-90057be7b784&l_pb_bid_id=89489d38ea0e468&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7256692362014316
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a489e84a2c08ef29f50c7cfcee6be906820a85bbd1383a06a21bed02de76af0a

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 20ms
17ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=2e19d448-715e-41ca-a36d-5f604aef4570&l_pb_bid_id=906626067f96c6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8155117935230909
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44c5077c61856f6c7f40dae7dbf9b6d26d0ac9333990e49b8e7aab18dad5e780

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 54ms
50ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=578c84f2-8e0a-442e-aa53-278309dff083&l_pb_bid_id=9181001d5f76691&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4193159352733651
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d6ab2b6887ee695de39eb759a4d0396c47bb69f811c17c8c78c141c60201039c

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 50ms
46ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=b8b64e9d-b201-4619-a6da-b64a5b54b8bc&l_pb_bid_id=92fe541832e4e14&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4481285555047787
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ad016fa6953f9da77a79e729a695316ab363e9a963699f919ce6af075456a41e

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 70ms
67ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=eeb971ba-53c0-4049-a0cf-700a9caab454&l_pb_bid_id=9394e883d779725&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5012372255766755
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 639df2d960bb19b0abc1eeb0e98694b4036aee2248bb1e7cb704bed779f31b5c

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 202ms
200ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 74ms
72ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 80ms
78ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 41ms
39ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 87ms
85ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 133ms
103ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:40 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 150ms
107ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 262ms
189ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEAF 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7325000046683&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEAF 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7325000046683&version=m202301230201&ct=77&x=1&cor=2923338633576930000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEAF 15 KB
11 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvGOaQJU-WF7wPec2niin55UYlYQkDu6FzPJJXvIauGNpckJa9_BXWlP6Zf3ndR729jFnjcXO0QF5lCys0MiljkENF-voZsqmT2OmHXMoVyUyVk_G_jbB5xd6kp9DY2I1d8SctUl_cJE43LloLXhm_bWP7W9Yd0XTrMjgWryLlji4jM20&cry=1&dbm_d=AKAmf-ClTIcuy68pDEPCZR8PvXKkP-1iN57GLRxQUsAiglClbrsw-FBe84hrDWqpznnABpwAMxVd8ZzBnPQqDX2LLEo7QO7LKe38LSJOlqR7WcIUKqXcfdh_bsLDqQxG4aIolBsSE4ga8qKZwIJ8p295E4xtSXEhTQkFdhQnm79FfKjx1q2RGGHFoo8HhzUjRVkZ2QK-y6iBCu7k2e8uDVl3fa3jlBxUhB_EtPCiarEXVoc1R1a409xL64aJd5CdXFib4KUOOa9KrmOf-ahUR0t1I3BjO4Ylgd_pggNrxHSkFJIOu8kRp7VdKZH4zY3FksL4G9BwLa3shy_RHOptPShZjUUZgiAXlPrT3UgXvGwqhT7DmvsrCZu0xo3OxfrJBqXSuBWwkXILhiVWeAK6pQQZb58Ohy1UIkeuN2RJc0KpL_R13BZpQsVZgBQcFB_Nz-vUt1iLgMxvxluixJffoljsnBBajp8Cjh7hRlv29VRBs1Poi8NYmHAIWRItvCjbDdq3FMHSPhq6VTUgtSnOcEJKHO3eeZdFQdzPyAHE-edeTysveDvaXB3ARl4aYqkfsTD8yp6b8VoqM__Rcg9DGYw1zulL3zQrGoIE0hHJ2HXNQu7XBgFU45LH39ZIELzZ4fm2_jhr_z1zPEduns3UdqWuGB4yphwoV7WlRaV3iucRAEIhjCwLPXlz9ZO8kmRHwRDyxZ7J2gkabvowF89Q-W1PIpuV1_Ii1MjJlAPY8chPsDvmsOGqG13fN2UaCXIxv6Ha8W1P56ZnRvxBsuVEJV_fMZMTD0fC47OxI4NL5oaz2IqhmmZz-gtFDLT_4kpEmWP3zeum5I4NPciNNrbQGpusn8YAT5bKwNT4YupugixdKbGFnlApDl76V1x-Eqrka1Xb4na6YutBQPPW5KMtrRndkZS9DybUsSqBcb2NYTUAQB2XH_kHJ0e4bfl9IEDhxIfjkPdS1iGWymRSXsGeLALSuZD7XrGKT9p8adQIHJ-wiZ_famKXbPGLmOpUPEaVFhmtNlcy-yzKXQitUQpM3hQ8xtZjy44PuMqIZhN5kad-Sa6Zl_iX9Rh2xRNS8oCByVfM6fdJ1VUBJOj9kY2ZmDSrnA_o41uSfP8so1-t0pyoaYb3wsLUAEwjQIR8YXGh5R7g2Guey68GEGdUpMv79V0bP0Rnmhd6ChcB-DJH2M5ALkE0kXixahc-0jmANLewWgPflxGWWwD4tbBBm42ujMUX16xE9yuWFi6UvEAhyXJE3Tc2WVpfQY9TIjBfwtw7CforuzPOlv7PNfZY2u4QGcIMbF5bKk7sy4_4tBCtr61PwQfQ0pDONnmZTKGffBdkfzbKsjBd-R84CmHUlPNaRBNmUTRzeJ_UGcLSeK69gGKHBvQgWY4VFF84vHzhfJ6iDxEv24LJNMY-RKTVNVe2vgeKKynVKoPbWm3vUg0SniQI7qL6-vus0DSfkd7fOZ9yPk131ZinuoNXuGziHmHoDrjyvifImuJY6K0PcG1-Oxyk3T-Lo3p4ac1q78wpC4rNkUUxpP148EefbAPPez8ToNCqpgkmEubgJLeap3O6JuzAUy9XW6ScH2sMq7AESdBjD8jRSDEvdo9P2lPLG4HUgGXRDNDdOZH9fW0Nt3dpHo9dUYCjodW_NvITnaeqklcodPFHirReF7TNhz5MEwVQ0ewvqDRPElS_A3CeoqbBGHyNS_URnHuoaZWxndJaqxA6Dyg0cImZFelAsxvUB8c7eQYj18cXmprS1qu9zIC9YU7wMyh1_e4Sezl-j6edKmIlXWT5ZYiJMZ3v08UIxh7vDtpYbgQaYuMDNTFJGKRRI5EoEB-FSl5Kd5OrCnUH-JEbLuDqwI41CQ65FS_wtB5meLg-AuzMFRUc434PkxFmH9NpGs6yhLa_hNSdqTTjOTu8WQfowGYOKBDmkNFIjq77UWcLlEH4l-WHdugHuyVB_e0u35L-Q7Gn0k_erAhBIqrhxI9LfJn7DvpKAoc4um1972B0g6gD_QpW3PAixm_FewWCM_FH9GuSVvFbJLl3CBOVT94BR6LTmziV38WXwjKSwHXAcjMgP352iT1xk1kL9S6dTP9KzB7DwTrgGV0mbdWJYs0UflOfUADGkIXNMT3TR_21DSJKCtOy1ZHH8N0J1UA-PjAVuAIQC76bmne4xjaIuFLo5grZbdbNhBHpL781aF1LlGBXcBPA7QBib4Z_W1kireELMYDY7TV-N-PTQoh9gDMCm3ZsZ8Iy7Os4JCKQY0_cSqr4HgDUUg_PgVxX6ExQVvCryYyHTlCzZJi2-I67C25YlRaC3tTkOZqxEaQXFB3YyJ2PoGL6Li7NAzb2h0ENv5ynvoMzHoCaX5op5mENNDqXJ_FK9GxjTGDGNsJ-R880XvkvrSrUbv1K-IyTw45up7eO_f9Z3lYDwfULuQmyp6e-Pi2Xp2ZMJ7giymYb0p3iAFCIdgZcaKgFIec17TjbJQZ_WLTbHtlsQiRoFscZJMxOsKd7PvXVq0WX8NXUuSdJSldtlSbFVWWEPDXlBAJFprkkU9kJfyZpWesjheTHdJz4IzOxAO4C0O6yak_UYMA0tOpqlNmSIZeL7_e3AoRmlwD5qLhl9suMhcsOqct818Ri378pindK_hOLlf_pQEc78Um8oy8o7bO7D2r9UDXfYvNIFVlYEf1n0cacOLf9hEWLJchcfrat-vkRJQB3ictwqRM2J0skOjK2_6ddofwXZFOg1jNJKVmYh4pIV2TrnU76n6FLCi8jAL-iImEbyF6EcB6w-yV-Lrh0UPeAvBbToatag3IdaNib-gns7zAcHj07CWyNzBtyySyNF88fIbMpNglcBJBocAwVWZmxibnDWiUMLL2BY_YvN1_UVkUaOBTFmFiDKoAJs7N6KVGDG5Eeul1Bv2wWg0gG4GR8ye6G3DB6gHJYm1hm-2Nq3yIv9l3CSgOxDBJHotk_ujUjnf2VUNmS9edRuEfadDfOCOVzeBH6dY8TR_EFLDbt3rIwpIIaztNbgPqFOMddaDZ-4lbZPQQmsAJv0JmLTUsw_BaxrEuuVG-XbcraxvSyMrN1oX2e-gdvYD6Yxlhsg_DPOoXn-m7lAMpeONxJ1XWzTGwI5gmsgDTzA_6ju8ldaxGwv2wQ6rl_n341soqsosvpOYQElmocqmkvOBReWkV7Kbf9n0dyOVJxkfYDfQzASzVvwSInzoqj4rndqiOSg5b464ALqS1AhBnA0qr9lmPsMrQQtt7w3LGZDJc6YgCGOzmo_o0XO1kjwIRhF7dAy4ayQfijpiYIHgqpTpGC_pWUrWtowwKlTK60FhoSKZtToSDa3I3zZP-l-WdBigFzqBfC7RrSJ8dzViV4w_L0Zp_Yf3EHD2SLxFxna_TF33JWcPwOT675a_H3Va54GVvAaGrlW52MWkvEtRtOARcmQKP6atsscmLMgijvdKD2O3WSDKmtWnopQxrEl1d822KWjh05F1eX8fTTcS_AB2ae6tmNDrTiCDVy_Ak0lshf2BjppXhXieW7OxGeThOX0BjhZgyZXGigAhy_DUS30AyPtE0xU-0j7cp3gZOmkgV1fjFu82hXhul-zSXEVBbENyF_5wJW3RqJ5h0qeWa4lQf9svyMhamLE5a-Gtb0Yv6vjlxayYxhBOWBTnW1ismZ3l_5LNxsmcTdUEC0Y-A1aICe_cnHNN3faWAeryOwf7W8WgNj5eVRnzObawd9SFHW9Snaagfmo5Vex3V9Xw9waGk99EPbaKXevWRHP1dhkzwOnRzX40xW5Ic78PqTygqJFu1-gcad45hWpPpuvnYbujGq20OlicPWdLxAVSSv7YI&cid=CAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=2923338633576930000&adk=3690638929&idt=97&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15905f8a3b00fd6262e5f4ab1fa3d88cbf9fd68e95c834734da87f01abb9143f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iframe Show response
accounts.google.com/o/oauth2/ Frame C1C5 280 B
259 B 273ms
272ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45d3f554c05907fa70fa5124d741db47f4e7b387a5743cb34f61dbdc672a7515

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-mxoc8Le7-YGgo-Yr_392gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-mxoc8Le7-YGgo-Yr_392gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 9A89
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

43 B
308 B

94ms
94ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
date: Wed, 21 Jun 2023 17:03:41 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 9A89 43 B
308 B 305ms
93ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 9A89 43 B
309 B 304ms
92ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 9A89
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

43 B
308 B

107ms
96ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 9A89
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Date: Wed, 21 Jun 2023 17:03:42 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 204 social
am-trc-events.taboola.com/correiodopovo/log/3/ 0
230 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:AM:V&lti=deflated&ri=5baa504d49cd36e5a20168b6c9b81b17&sd=v2_c955b60c2e18fd990e3579ddc6613730_ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec_1687367020_1687367020_CIi3jgYQzeNHGLnhpfeNMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&pi=/&wi=-5703500169402860967&pt=home&vi=1687367020729&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A03%3A41.663&id=5975&llvl=2&cv=20230620-6-RELEASE&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 310ms
94ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx

POST t
t.lkqd.net/ Frame 55BB 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 306ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame A39C 0
170 B 292ms
97ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame DACB 230 KB
61 KB 9ms
9ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1687367021.cds231.fr8.hn,1687367021.cds333.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/7974949798835211749/ Frame 5634 44 KB
44 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7974949798835211749/2076313506083323656

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed67662fd632fb92b8d08a105b8908d065ed19b7e199e7779d94af7fc9e7ffac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:21:26 GMT
x-content-type-options: nosniff
age: 362535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44678
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:03:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Jun 2024 12:21:26 GMT

GET
DATA 200
OK truncated
/ Frame 5634 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5634 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ba812d3fec562dc1d59be15e34486a42cc71d4e543d8ceef57f74d80d27ce8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 384c31fa4de60f4c8488fe1a6b342333.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 20ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/384c31fa4de60f4c8488fe1a6b342333.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b025a5491e27ce75f3563dc43053561d85f98645ca8fadd39e043b059d92dd31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/384c31fa4de60f4c8488fe1a6b342333.jpg
age: 1737439
edge-cache-tag: 543743945553269788305197293709519880624,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 543743945553269788305197293709519880624,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 330
req-referer: https://www.auto-motor-und-sport.de/
content-length: 22844
x-request-id: a1e53aa7eee28560b74e796fce5d3cda
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200070-IAD, cache-iad-kjyo7100092-IAD, cache-chi-kigq8000095-CHI, cache-iad-kjyo7100137-IAD, cache-fra-eddf8230110-FRA
last-modified: Wed, 31 May 2023 19:56:47 GMT
server: nginx
x-timer: S1687367022.715525,VS0,VE2
etag: "a9e98406181d285c5b7664f357ad6155"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 79, 1

GET
H2 200 98a4f66daf12b57ba81b72ecd3b2636c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 21ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a4f66daf12b57ba81b72ecd3b2636c.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58796af19f75520e2cba157b5be73cfdc03fbf4131f692d85066b0b9b63f1f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a4f66daf12b57ba81b72ecd3b2636c.jpg
age: 714803
edge-cache-tag: 356456638816400831873983126532522531544,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356456638816400831873983126532522531544,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 234
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fluggesellschaft.de/
content-length: 8140
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kjyo7100116-IAD, cache-lga21921-LGA, cache-iad-kjyo7100115-IAD, cache-fra-eddf8230110-FRA
last-modified: Mon, 05 Jun 2023 17:13:32 GMT
server: nginx
x-timer: S1687367022.715557,VS0,VE2
etag: "05b47dd4aff2369fe4deeedf87706405"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 71, 1

GET
H2 200 be1ed4fdbc9558878c89b92861cbae94.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
26 KB 21ms
13ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be1ed4fdbc9558878c89b92861cbae94.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4b232d51671f5df01a636853747e6b6cfad249aec89f56581b2b1fada74b7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be1ed4fdbc9558878c89b92861cbae94.jpg
age: 175730
edge-cache-tag: 581659775240187647060287263269843298288,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581659775240187647060287263269843298288,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 211
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.milliyet.com.tr/
content-length: 25740
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000127-IAD, cache-iad-kiad7000156-IAD, cache-lga21983-LGA, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230110-FRA
last-modified: Tue, 06 Jun 2023 15:33:06 GMT
server: nginx
x-timer: S1687367022.716020,VS0,VE3
etag: "26e7ef0c4e0620ed63ecbe8e383f5bf0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 b7020cdd76f60ef371c2eb8cc96cc42b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 12ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7020cdd76f60ef371c2eb8cc96cc42b.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bcae765ac486a3e70da95ae85b0e7ad86586df074cc96045b192ce3824a3c853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b7020cdd76f60ef371c2eb8cc96cc42b.jpg
age: 1279473
edge-cache-tag: 386504858249163013472177943349488176249,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
cache-tag: 386504858249163013472177943349488176249,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 260
expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.fcinternews.it/
content-length: 22302
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kjyo7100130-IAD, cache-lax10654-LGB, cache-iad-kcgs7200049-IAD, cache-fra-eddf8230110-FRA
last-modified: Tue, 30 May 2023 15:35:43 GMT
server: nginx
x-timer: S1687367022.715540,VS0,VE2
etag: "6a6c8a49dc0bb7351a596edd98da28ce"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 48, 1

GET
H2 200 ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 14ms
12ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c6e2c424d31156b33ee6196c0706e3f29cd4ac567703641adcdd364baf64488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age: 2689261
edge-cache-tag: 380718914452234203638632966853219348314,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380718914452234203638632966853219348314,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 167
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://recipe.rakuten.co.jp/
content-length: 23650
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100098-IAD, cache-iad-kcgs7200024-IAD, cache-lga21945-LGA, cache-iad-kiad7000120-IAD, cache-fra-eddf8230110-FRA
last-modified: Thu, 11 May 2023 18:20:13 GMT
server: nginx
x-timer: S1687367022.716107,VS0,VE2
etag: "0607147d725e8ff399d05cf589102036"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 17, 1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
22 KB 441ms
441ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3219357625955413&eid=31074824&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=21715141650%3A1840275%2Cdesktop_scroll&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180&ifi=14&adks=4190904370%2C3599931277%2C2974921360&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dscroll%26secom%3D1%26tier%3D1%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dscroll%26secom%3D1%26tier%3D1%26requested%3Dtrue%7Cdk_refresh%3Dtrue%26index%3D3%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dscroll%26secom%3D1%26tier%3D1%26requested%3Dtrue&eri=1&sc=1&cookie=ID%3Df4f6aec2d2429b4b%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MbwTJEtruCUFyzwgGUmbXDmPQdYSQ&gpic=UID%3D00000c326f26c56b%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MY-SHgpqAkMfSw_SGk7EwT4oxAwPA&abxe=1&dt=1687367021747&lmt=1687367021&dlt=1687367019376&idt=1063&adxs=315%2C315%2C315&adys=1628%2C6038%2C8724&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=11%7C12%7C13&ucis=d%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=1600x-1%7C1600x-1%7C1600x-1&msz=1600x-1%7C1600x-1%7C1600x-1&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e857891c95421c458c9b8cc4aadfe9b4a62362ca6a8d1e1f135c8331f79060e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22471
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D449 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5634 15 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 345566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5634 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 351528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 15:24:53 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7A1B 640 B
265 B 50ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:41 GMT
expires: Wed, 21 Jun 2023 17:03:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 864C 78 KB
27 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 864C 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUCI1Cn5WvQgXUW90Yh7jPsNdfb8Q8B2uIhuS4U8tJhFdSKvPKPYXOCVsKPSWWXq-NF0FPKnka-6yYW79oYcQQUajRjiMtCATRqe5F3jgBAgRdDEs

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 864C 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16947687642965395336&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 864C 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 864C 19 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 864C 178 KB
56 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H2 200 12.png
www.correiodopovo.com.br/imagens/icons/93x93/ 2 KB
2 KB 31ms
19ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/imagens/icons/93x93/12.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: Azion IMS
x-original-image-size: 2083
x-ims: Enabled
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
content-length: 1762
expires: Fri, 21 Jul 2023 17:03:41 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 76BC
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

43 B
308 B

94ms
94ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
date: Wed, 21 Jun 2023 17:03:41 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 76BC 43 B
308 B 117ms
93ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 76BC 43 B
308 B 117ms
94ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 76BC
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

43 B
308 B

93ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 76BC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

43 B
308 B

94ms
94ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Date: Wed, 21 Jun 2023 17:03:42 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 206 fy1nmsyaqmd3cmtmhn2l.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1686145014/ 1 MB
1 MB 8ms
8ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_2/h_400,c_scale/v1686145014/fy1nmsyaqmd3cmtmhn2l.mp4
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ba4ebac0dda05b59ab9683ab66a686c1cef3e7d0bcd48f537aa04d268b72481

Request headers

Referer: https://www.correiodopovo.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: RvnCJE5xLb2IZ0ljEWq5EBqg8iGstqzh
date: Wed, 21 Jun 2023 17:03:41 GMT
via: 1.1 varnish
x-amz-request-id: RZZGCRXZMNJ79BKY
age: 16
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1350757/1350758
x-amz-replication-status: COMPLETED
Content-Length: 1350758
x-amz-id-2: 6syFCZIgzHkLjk3y6ALZH5ITbGXE0t5lbY29/D77sBr6guhMRv9nUU1dtb1SLkM3MG24xWUN6hw=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 07 Jun 2023 13:37:14 GMT
server: AmazonS3
x-timer: S1687367022.861837,VS0,VE1
etag: "43ec822a8263a1cba83e243c2bcea152"
content-type: video/mp4;codecs=avc1
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 476ms
101ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=0323bfb6-c6cc-91b8-255f-a8c4701b5123&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-140-75.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Jun 2023 17:03:42 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 6272b8fa4b495528e7000650 Show response
cms-media-api.r7.com/menu/ 27 KB
3 KB 42ms
23ms Fetch
application/json 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-media-api.r7.com/menu/6272b8fa4b495528e7000650
Requested by: Host: assets.r7.com
URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/p-143b9248.entry.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39f06d08040ae7e623e2cf7503909a9cf17029ef47661c6f50dc59e094698d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
etag
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: !no-store, must-revalidate, max-age=120
accept-ranges: bytes
content-length: 3363

GET
H2 200 loader Show response
api.retargetly.com/ 11 KB
5 KB 150ms
119ms Script
application/javascript 2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/loader?id=3368
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/third_party/retargetly_univ_2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4362a2b21daa8185db1960d48bdfa4fc744b4144199df5bc9fad8fa49be876e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: public, max-age=604800
cf-ray: 7dadd38f2d429a00-FRA
expires: Wed Jun 28 2023 17:03:42 GMT+0000 (Coordinated Universal Time)

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
100 B 516ms
495ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=12e378d8ef40a25121df9a1ca310%7C0&acc=23925&tit=Correio%2520do%2520Povo&url=https%253A%2F%2Fwww.correiodopovo.com.br%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7dadd38f2eafbbd1-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=81125759215
https://sync2.navdmp.com/sync?prtid=2&id=81125759215&google_gid=CAESEDpT3dJCEtwhjHYbXoeyXQQ&google_cver=1

6 B
57 B

478ms
468ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=81125759215&google_gid=CAESEDpT3dJCEtwhjHYbXoeyXQQ&google_cver=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7dadd3922af3bbd1-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=81125759215&google_gid=CAESEDpT3dJCEtwhjHYbXoeyXQQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ 43 B
418 B 54ms
18ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:41 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 21 Jun 2023 17:03:40 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
15 B

262ms
10ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type: text/html
cache-control: no-store
content-length: 344

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CEAF 41 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvGOaQJU-WF7wPec2niin55UYlYQkDu6FzPJJXvIauGNpckJa9_BXWlP6Zf3ndR729jFnjcXO0QF5lCys0MiljkENF-voZsqmT2OmHXMoVyUyVk_G_jbB5xd6kp9DY2I1d8SctUl_cJE43LloLXhm_bWP7W9Yd0XTrMjgWryLlji4jM20&cry=1&dbm_d=AKAmf-ClTIcuy68pDEPCZR8PvXKkP-1iN57GLRxQUsAiglClbrsw-FBe84hrDWqpznnABpwAMxVd8ZzBnPQqDX2LLEo7QO7LKe38LSJOlqR7WcIUKqXcfdh_bsLDqQxG4aIolBsSE4ga8qKZwIJ8p295E4xtSXEhTQkFdhQnm79FfKjx1q2RGGHFoo8HhzUjRVkZ2QK-y6iBCu7k2e8uDVl3fa3jlBxUhB_EtPCiarEXVoc1R1a409xL64aJd5CdXFib4KUOOa9KrmOf-ahUR0t1I3BjO4Ylgd_pggNrxHSkFJIOu8kRp7VdKZH4zY3FksL4G9BwLa3shy_RHOptPShZjUUZgiAXlPrT3UgXvGwqhT7DmvsrCZu0xo3OxfrJBqXSuBWwkXILhiVWeAK6pQQZb58Ohy1UIkeuN2RJc0KpL_R13BZpQsVZgBQcFB_Nz-vUt1iLgMxvxluixJffoljsnBBajp8Cjh7hRlv29VRBs1Poi8NYmHAIWRItvCjbDdq3FMHSPhq6VTUgtSnOcEJKHO3eeZdFQdzPyAHE-edeTysveDvaXB3ARl4aYqkfsTD8yp6b8VoqM__Rcg9DGYw1zulL3zQrGoIE0hHJ2HXNQu7XBgFU45LH39ZIELzZ4fm2_jhr_z1zPEduns3UdqWuGB4yphwoV7WlRaV3iucRAEIhjCwLPXlz9ZO8kmRHwRDyxZ7J2gkabvowF89Q-W1PIpuV1_Ii1MjJlAPY8chPsDvmsOGqG13fN2UaCXIxv6Ha8W1P56ZnRvxBsuVEJV_fMZMTD0fC47OxI4NL5oaz2IqhmmZz-gtFDLT_4kpEmWP3zeum5I4NPciNNrbQGpusn8YAT5bKwNT4YupugixdKbGFnlApDl76V1x-Eqrka1Xb4na6YutBQPPW5KMtrRndkZS9DybUsSqBcb2NYTUAQB2XH_kHJ0e4bfl9IEDhxIfjkPdS1iGWymRSXsGeLALSuZD7XrGKT9p8adQIHJ-wiZ_famKXbPGLmOpUPEaVFhmtNlcy-yzKXQitUQpM3hQ8xtZjy44PuMqIZhN5kad-Sa6Zl_iX9Rh2xRNS8oCByVfM6fdJ1VUBJOj9kY2ZmDSrnA_o41uSfP8so1-t0pyoaYb3wsLUAEwjQIR8YXGh5R7g2Guey68GEGdUpMv79V0bP0Rnmhd6ChcB-DJH2M5ALkE0kXixahc-0jmANLewWgPflxGWWwD4tbBBm42ujMUX16xE9yuWFi6UvEAhyXJE3Tc2WVpfQY9TIjBfwtw7CforuzPOlv7PNfZY2u4QGcIMbF5bKk7sy4_4tBCtr61PwQfQ0pDONnmZTKGffBdkfzbKsjBd-R84CmHUlPNaRBNmUTRzeJ_UGcLSeK69gGKHBvQgWY4VFF84vHzhfJ6iDxEv24LJNMY-RKTVNVe2vgeKKynVKoPbWm3vUg0SniQI7qL6-vus0DSfkd7fOZ9yPk131ZinuoNXuGziHmHoDrjyvifImuJY6K0PcG1-Oxyk3T-Lo3p4ac1q78wpC4rNkUUxpP148EefbAPPez8ToNCqpgkmEubgJLeap3O6JuzAUy9XW6ScH2sMq7AESdBjD8jRSDEvdo9P2lPLG4HUgGXRDNDdOZH9fW0Nt3dpHo9dUYCjodW_NvITnaeqklcodPFHirReF7TNhz5MEwVQ0ewvqDRPElS_A3CeoqbBGHyNS_URnHuoaZWxndJaqxA6Dyg0cImZFelAsxvUB8c7eQYj18cXmprS1qu9zIC9YU7wMyh1_e4Sezl-j6edKmIlXWT5ZYiJMZ3v08UIxh7vDtpYbgQaYuMDNTFJGKRRI5EoEB-FSl5Kd5OrCnUH-JEbLuDqwI41CQ65FS_wtB5meLg-AuzMFRUc434PkxFmH9NpGs6yhLa_hNSdqTTjOTu8WQfowGYOKBDmkNFIjq77UWcLlEH4l-WHdugHuyVB_e0u35L-Q7Gn0k_erAhBIqrhxI9LfJn7DvpKAoc4um1972B0g6gD_QpW3PAixm_FewWCM_FH9GuSVvFbJLl3CBOVT94BR6LTmziV38WXwjKSwHXAcjMgP352iT1xk1kL9S6dTP9KzB7DwTrgGV0mbdWJYs0UflOfUADGkIXNMT3TR_21DSJKCtOy1ZHH8N0J1UA-PjAVuAIQC76bmne4xjaIuFLo5grZbdbNhBHpL781aF1LlGBXcBPA7QBib4Z_W1kireELMYDY7TV-N-PTQoh9gDMCm3ZsZ8Iy7Os4JCKQY0_cSqr4HgDUUg_PgVxX6ExQVvCryYyHTlCzZJi2-I67C25YlRaC3tTkOZqxEaQXFB3YyJ2PoGL6Li7NAzb2h0ENv5ynvoMzHoCaX5op5mENNDqXJ_FK9GxjTGDGNsJ-R880XvkvrSrUbv1K-IyTw45up7eO_f9Z3lYDwfULuQmyp6e-Pi2Xp2ZMJ7giymYb0p3iAFCIdgZcaKgFIec17TjbJQZ_WLTbHtlsQiRoFscZJMxOsKd7PvXVq0WX8NXUuSdJSldtlSbFVWWEPDXlBAJFprkkU9kJfyZpWesjheTHdJz4IzOxAO4C0O6yak_UYMA0tOpqlNmSIZeL7_e3AoRmlwD5qLhl9suMhcsOqct818Ri378pindK_hOLlf_pQEc78Um8oy8o7bO7D2r9UDXfYvNIFVlYEf1n0cacOLf9hEWLJchcfrat-vkRJQB3ictwqRM2J0skOjK2_6ddofwXZFOg1jNJKVmYh4pIV2TrnU76n6FLCi8jAL-iImEbyF6EcB6w-yV-Lrh0UPeAvBbToatag3IdaNib-gns7zAcHj07CWyNzBtyySyNF88fIbMpNglcBJBocAwVWZmxibnDWiUMLL2BY_YvN1_UVkUaOBTFmFiDKoAJs7N6KVGDG5Eeul1Bv2wWg0gG4GR8ye6G3DB6gHJYm1hm-2Nq3yIv9l3CSgOxDBJHotk_ujUjnf2VUNmS9edRuEfadDfOCOVzeBH6dY8TR_EFLDbt3rIwpIIaztNbgPqFOMddaDZ-4lbZPQQmsAJv0JmLTUsw_BaxrEuuVG-XbcraxvSyMrN1oX2e-gdvYD6Yxlhsg_DPOoXn-m7lAMpeONxJ1XWzTGwI5gmsgDTzA_6ju8ldaxGwv2wQ6rl_n341soqsosvpOYQElmocqmkvOBReWkV7Kbf9n0dyOVJxkfYDfQzASzVvwSInzoqj4rndqiOSg5b464ALqS1AhBnA0qr9lmPsMrQQtt7w3LGZDJc6YgCGOzmo_o0XO1kjwIRhF7dAy4ayQfijpiYIHgqpTpGC_pWUrWtowwKlTK60FhoSKZtToSDa3I3zZP-l-WdBigFzqBfC7RrSJ8dzViV4w_L0Zp_Yf3EHD2SLxFxna_TF33JWcPwOT675a_H3Va54GVvAaGrlW52MWkvEtRtOARcmQKP6atsscmLMgijvdKD2O3WSDKmtWnopQxrEl1d822KWjh05F1eX8fTTcS_AB2ae6tmNDrTiCDVy_Ak0lshf2BjppXhXieW7OxGeThOX0BjhZgyZXGigAhy_DUS30AyPtE0xU-0j7cp3gZOmkgV1fjFu82hXhul-zSXEVBbENyF_5wJW3RqJ5h0qeWa4lQf9svyMhamLE5a-Gtb0Yv6vjlxayYxhBOWBTnW1ismZ3l_5LNxsmcTdUEC0Y-A1aICe_cnHNN3faWAeryOwf7W8WgNj5eVRnzObawd9SFHW9Snaagfmo5Vex3V9Xw9waGk99EPbaKXevWRHP1dhkzwOnRzX40xW5Ic78PqTygqJFu1-gcad45hWpPpuvnYbujGq20OlicPWdLxAVSSv7YI&cid=CAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=2923338633576930000&adk=3690638929&idt=97&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7A1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTRZRppciWZHhKhTYKRAd4&google_cver=1

43 B
105 B

104ms
103ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTRZRppciWZHhKhTYKRAd4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTRZRppciWZHhKhTYKRAd4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7A1B 43 B
295 B 169ms
108ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7A1B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEL7xALUSpgr93apOzwbGPco&google_cver=1

23 B
163 B

59ms
58ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEL7xALUSpgr93apOzwbGPco&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 17:03:42 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEL7xALUSpgr93apOzwbGPco&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7A1B 23 B
163 B 111ms
59ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWMzdRRqcm1RI-XrvEpq6cwzJqrwhOd-MTgZMpEsOA3tBugSCtNxfaU2KlA57PjVWFTa1W_swLjq5JRiWmIuZL6I22Zs2IJ4fKn5g09JTfUXXbAlA575a2uWFWKUWSKJS7AHRj1cOLLa_FlaQQfDch3lfG9cI9hyLcAZQnmtj9-p5fAMLw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 17:03:42 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 120ms
119ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367021934&cb=0.2343444535281214&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd38f2ffd9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 121ms
120ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a2&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367021935&cb=0.5543985003161644&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd38f2ffe9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 118ms
117ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a2&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367021936&cb=0.8733957305202515&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd38f28009128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8469 466 B
235 B 47ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWiHXq6dMXf10ofspJyX5YcngtUMLymqX8WyUVcO5rq1mNCpp_9mQL5T4V-tLwxgF6ciqA7LQut3-qqOmu-x8vdUbW2YMmssdyXdYvpE-OwKsLXrUbhy8hN2zUJbOb67ib7vHGdXgQ-hXDv_dB08fkZFgx20KxxgfiNaygjufh2dNgnoxk

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D449 78 KB
27 KB 225ms
224ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D449 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BATfM_3DnS5Al4aEVo9-AhNiT2JGAl2rcQiMvnV9kLj_oc8C0hLDur8PiFKcksTXqWFp5XxEn3i7NsgwZsXzLmmU-vYacm4DWn5YTZC_UaVAxTapo

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D449 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2503743497171651978&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame D449 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame D449 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D449 178 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:41 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 15ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:32:09 GMT
content-encoding: gzip
age: 59492
x-guploader-uploadid: ADPycdtTQrLN4BoFG7DtlImiHuCaMme44BeuEiWkIrts1OYt2WXrlog8Z0HSv6TUkklBnwbUjsJYweYQh_7N5Y8UqzlipQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Thu, 22 Jun 2023 00:32:09 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
711 B 161ms
111ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-correiodopovo:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1687367022&tM=direct&tL=direct&tN=direct&tY=3&tZ=496839220
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ 27 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_3?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068fb60fde199afd07fc016453b0de032f78b1d1973b3d42134110f73ce93a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9183
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 04:59:12 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1687367021973&cv=11&fst=1687367021973&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cad39e7afafb16a80eeeebc15504c2cb21fd48f34d58319059be1cc748aceac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 65AE 0
0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F72 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1ABD 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C65C 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AEE 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame BAF1 4 KB
2 KB 14ms
14ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Wed, 21 Jun 2023 17:03:42 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1687367022.cds231.fr8.hn,1687367022.cds288.fr8.c

POST
H2 200 ad Show response
v.lkqd.net/ Frame DACB 45 KB
4 KB 312ms
311ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=20926857&m=&rtv=1&thost=www.correiodopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 30f498910b63c17e41050ebdf6eab9e194629059253a95dcb4bdd57a24c73d3b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4261

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 465ms
270ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=20926857&m=&rtv=1&thost=www.correiodopovo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame CEAF 11 KB
4 KB 47ms
13ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1687367020541421&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 54521684094f49bf01d8965024cb845d0d69c555c2f750107243a61579953625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4174
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame C1C5 2 KB
845 B 30ms
30ms Other
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4ff75a4db240a0e91feb2f1016cbe04a8e31664bc42b09e9249aaa02a44797c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Cy1mcuq0pv0.es5.O/d=1/rs=AOaEmlEhj5HVJD_ZY3G6uojx-6HYajJIjA/ Frame C1C5 101 KB
35 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Cy1mcuq0pv0.es5.O/d=1/rs=AOaEmlEhj5HVJD_ZY3G6uojx-6HYajJIjA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c992d28464a38c69399b4a91f87dfa5f90f5dac2f22b06a7d23eb81de79438c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35329
x-xss-protection: 0
last-modified: Sat, 10 Jun 2023 04:39:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 17:47:35 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 05B0 113 B
159 B 15ms
14ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bb12857ae134a4e7167c7c9b4210aa0a6f17b88fdf672bbae8b9ca5dcaa3a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 05B0 29 B
495 B 31ms
8ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:51:18 GMT
x-content-type-options: nosniff
age: 744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:06:18 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/correiodopovo/log/3/ 0
230 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/abtests?route=AM:AM:V&lti=deflated&ri=5baa504d49cd36e5a20168b6c9b81b17&sd=v2_c955b60c2e18fd990e3579ddc6613730_ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec_1687367020_1687367020_CIi3jgYQzeNHGLnhpfeNMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&pi=/&wi=-5703500169402860967&pt=home&vi=1687367020729&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22480.6875%22%2C%22eventTime%22%3A1687367022154%7D&tim=17%3A03%3A42.155&id=6729&llvl=2&cv=20230620-6-RELEASE&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1687367022183&cv=11&fst=1687367022183&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e75149e29642ec2de5cb6a5936bfcd7c2c6d390d997365345f71ea71d7085d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8469
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGfQo8nNdMtTN43fZCIvWXs&google_cver=1

43 B
548 B

46ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGfQo8nNdMtTN43fZCIvWXs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWiHXq6dMXf10ofspJyX5YcngtUMLymqX8WyUVcO5rq1mNCpp_9mQL5T4V-tLwxgF6ciqA7LQut3-qqOmu-x8vdUbW2YMmssdyXdYvpE-OwKsLXrUbhy8hN2zUJbOb67ib7vHGdXgQ-hXDv_dB08fkZFgx20KxxgfiNaygjufh2dNgnoxk
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGfQo8nNdMtTN43fZCIvWXs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8469
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTMzZjUzODEtMTA1NS0xMWVlLTlkMjUtMTkyY2IxNmUwMjA2

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTMzZjUzODEtMTA1NS0xMWVlLTlkMjUtMTkyY2IxNmUwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWiHXq6dMXf10ofspJyX5YcngtUMLymqX8WyUVcO5rq1mNCpp_9mQL5T4V-tLwxgF6ciqA7LQut3-qqOmu-x8vdUbW2YMmssdyXdYvpE-OwKsLXrUbhy8hN2zUJbOb67ib7vHGdXgQ-hXDv_dB08fkZFgx20KxxgfiNaygjufh2dNgnoxk

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 17:03:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTMzZjUzODEtMTA1NS0xMWVlLTlkMjUtMTkyY2IxNmUwMjA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 13
Connection: keep-alive
Content-Length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame 8469 0
125 B 211ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 18 KB
9 KB 163ms
163ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

25e20ef523f209df8a3ebe6047b2ee96804e30ee14b269846463020e18569b37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 21 Jun 2023 17:03:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7e4a9b23-7e39-441e-9d6b-c4fa2653f203
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 75ms
74ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 93ms
92ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 119ms
117ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 95ms
94ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
571 B 98ms
97ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 118ms
117ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 147ms
74ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 180ms
88ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 166ms
71ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
318 B 18ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=e7db490d-2813-452f-8574-f49285922dd7&l_pb_bid_id=124c260eca4b54f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9941487194494438
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 35d06a227e735a15331748fe618bd1fb4726cd522b91ef7fd3e3673d2c5b56d6

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 20ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=da357d53-678e-4265-9dd9-289e111725ad&l_pb_bid_id=12520f311c678c78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8101359083261253
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 117919c761552beb697019c2e07f2c37ce1d0161a34ad486b830a41e307e5f33

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 22ms
21ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=df28ffd8-01dd-409a-b6d1-e598089d4f4b&l_pb_bid_id=1268cbf62dc59ddf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9209626736732988
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 46cb66d8deb9c17c3c17514858963b4b74da7508a7c1b6db56bbf0ad31566429

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 20ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=6326df27-b082-4f1e-9122-dd5b29aa5683&l_pb_bid_id=12773cf83bf074d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41271606694309315
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 63c076d57d5bef376bef5de9645d5122ef21cf1fbf06e3c6e006612bd43e69f8

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 24ms
23ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=da81bdce-e4db-4e61-b5ff-f292e7109948&l_pb_bid_id=12874895717f393a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9091568490788888
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e49cd8db55085beb92c21f48e62bcd2147cbfec7b562cab651e34e56e556cb36

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 62ms
61ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=d4bc64a4-1065-45b1-b7af-e87404b6c974&l_pb_bid_id=12992c2172b09807&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5863942015074373
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b2d383a226f68976ffc416884c5fd06905ec6bfe85f0175031b11f79731ca40f

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 55ms
55ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=717d99ef-4a59-41a8-b564-0453cea47d6f&l_pb_bid_id=13046a1b741d508f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.670525888455388
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8a91ee0324f5b4cce11d8e9914311d2f2705ee464309265234fece392e6df5e7

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 60ms
59ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=d003c7c5-7cef-4c13-9e70-954d8a2ad3a4&l_pb_bid_id=131f7d72a4769c01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.862615809510364
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 22b074cdcfd5da73f9a8a3167965afae52b45d502fd0b89780560b079152de4d

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
294 B 71ms
70ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=aa79b0aa-2673-4337-b257-b18af3c94b1d&l_pb_bid_id=132e892e4b3c8426&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19863477613119618
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 532d1c95aba2f9c2c5f1f611b2451bab0e0cf9a3ae5fadc0ed81a94990f119e0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
271 B 64ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166090&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:42 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 353ms
353ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=4298229378964174&eid=31074824&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=1840275%2CFloorAD&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=17&adks=1245251639&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dhorizontal%26secom%3D1%26tier%3D1%26editoria%3Dhome%26tags%3D%26requested%3Dtrue&eri=1&sc=1&cookie=ID%3D24374c29096ff7d2%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZatcUSJN77lwWveC52MzCRo6eHAA&gpic=UID%3D00000c326f282931%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZDvftnhDeWWJVkCY6Fap_3iNVKIw&abxe=1&dt=1687367022240&lmt=1687367022&dlt=1687367019376&idt=1063&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=14&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=ABHeCvht1CMsxg9Xs4rejo81e91HTt8wx7sUR5sIlb3ubcd4KxUmtatzRWYW-pc9SwAWRz24Fg4FDeb4_uNi%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ab1f394407ac6deb063dd103504124c15be65a02db67375a514f614be2111ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11288
x-xss-protection: 0
google-lineitem-id: 5908474715
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379755314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1687367022275&cv=11&fst=1687367022275&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccb44d93ca50cb084fca43467ae1de08e52ab6ea22694c49c266cec825a1fdb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 864C 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4817185762602&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 864C 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4817185762602&version=m202301230201&ct=76&x=1&cor=16947687642965395000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 864C 87 KB
36 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAoS3m2wNV9LkSdZoMSdgOqb5hM0VK9t8Rc94FWT9tsNGt9e61-mbzpxdYTWurS7iZ_iGsjz_HB_cFkcuaLQPFAifK6w&cry=1&dbm_d=AKAmf-AwIZvpv0ryhI4DV3I8oervX_yTqSsjeXVw2EXjAcy3MqXjDu9M22Msx7aQ3O6k_zTlokIEfbFnJlK-ce_Wa-v9QvYprHOGQndQ-Hn6iS2QMmM7NaKGQwecAxSdfBS9xZPuxe-UlpJf5ui419vgFVj6H39NgpDZKLow17RAeefhXwyC8boEInp4wbjfcrMva6Yt4IGFLTjC33_VK2hFkF56KUndw5MxyRK9gutXw8cLKBcuZ1D7N5jFuMWR7U_Sx2p7xK05V-9SnRPlkiQzJ9SLjHWc995oCEQNF3PF_9b7YOtMEPetwOvRTnGRzOmjxR5PhOjP9JuEnABbe2S2qeBelgKqK2E1v0GL_u8iNdnORAf9YYHbqO7BbGyc7AEYjmTzH70SwScqNIxzrsuQclm-A8rbKMNIDLsnDMX3q_yyQfzh5gbD64cXJojL9FshRzf1Swpa9flo99BV2ZSGGNZfH0Qe2jNTJvvDVJHYdNcQh9ubnT_aMCWvfpHoKkmcGILb0mnx4eFNOPb8qdmARgF3NadetD9HKvXYn3IChGLenSE-tQknXBvzoCPEVtX2R1t9u7OnSFcYXmI1UxXqSJUMBxRLzIPfluz77MHyKdJSj1opMhtuhlwURld6kgfVrc8xnGgieCp6e-8mt3NDzyRHAnu4shnRpioS-DM-f5N61SY5PxZgzMEprw13yrETGQiF50e24mcw658XD1z8PqDQcb2hB4hTEvO6u-QsP6gLSEK2ZjVaZJ9YWniXRcA65bZvkY9NLftzLx3_ptEr2nLNGlVTuSAZri-kcKPC7yJGOgeGYkR_ozFvTA-2U8qlHqPEIZjH8G3NUWKF-lhkk7hQVB5Yq2SKkqIrn4C8LMBd6mNpjtXyll4RJBL9oix6neG-wO1uL4zmFfhXu_wj12uC_vG8yLW5IQ4KNd2d3Ss5RkcJnQuWnD4GsnA3O6uYGc7_RupDYUe4HY2M8r0GcINI6HmiMleeYQgoYGHMYDHLPqz4CqKQQ5qH4b_yBQbyyQirfOzrp1WCLB6jbQ3bcG84vLz1XcSpXmDEusBrMRpqPWROJ0L532BxSK6wQRM8BQYRe7UgBa16dUzFZTDYwg38UQMkfSzfc8WfzbsvMFGo-8oeJyYKluuWSShYHBoJKTu4rBLaW4V1-WWWfVcZbJic9GnwdD4GYVwRwRQ8XBYEIeGMSnh5t0iOVLn3e2NDz615VyszKIckDcjddnHipw1ReW3auaB-dYw6rfBKtSeSL2aOKkqaupNa0DJIpi5xLKjibC5Gs9I3GdPcE5cQRtA-h50IQCe6CCihj1WCzdR76NtNtBLxrV2svAKGq8uf1vPyGZR0hJ8dQLKjLpWW7rHkotVkOy_XuHNIuUGVuJWU0J85BF62MCYbMpoiOad2_oZYmpOh_lCdIINYcCm1uOaIH_RCXZjn8sRic9l6mi8wNunxA2M_jtGFQOBvou8BNZkftM2IO_n3iHFIljqByy5r3eRv8RWRqg3ISZfRjf9voR6eM2uBPYer5xVPF7IO-3WD_jEd7pODmGbuqOYhqoWLvibPnxJxb73045OEA326hB9BjvDH493twvIfgjBsuMxBCv1cxzI7MO-_F694MWzJiO68Fcz_IzT8NqeUuWdWbPfAQ1VuFHT2nbingUbsrsnqOP6SSlA-Ow3XpK2PDw_W2R3pvX9MXScJqYM1jR1KB7AE3aWlkVMLoIWRRX6VbFqZKuempN-nU3rWWM29igDBbE5em99u9tXv7b1zBw-QvMM7V8SOCUH9GkjQ9vC1R5-rYUTm9FB2uTgGbbX5DOuqsvfqHl8eA0zSeL8ze1NDkP8oPC7HCUnx1hrpPGJAxbCU2QojZECdeAZc8-ycL_7xt8SbaxAbz5tCIn5OgBgfqft9d3GSd02Q94BayGtBft_w3daINE_MJelZHhv2HMNMYPxJKhg4XghgRQ2XiY2uI13XfT-8nWOLv84Vg3Z3-1yP6BQ2xN1sb3wLH7H49Ft0CeOM6v-JQO66cC_bBfJ1qch-hLAm9YcXzsmcIoju0zD5mAqQIyB3mBPdCf2f97jKDOLzQQg6le4E2cBoktpziOA86kugvKBCHeiQdRagrHTM2C8523O122v_YnGJKw2sBJqizubJQgQoZGilHtaloZpNMXwKL2Shf3G9okAsvq4-4oXPr7uxXKXxCuoWH8REU9NqEMln3-_Nm6IhG09mSzik9j8_jUmztZdIFXXmKUEMgXcBcgTaG52gMCfmoA_PTZBpGhv5quaGKrMSI3nQL-WftDE2-TwGni4UheAE3ffUtmtvpzqSSpnnviT-6d9eJT1THxHEiPVQDJjsRiQRShwKBz3WYCLyd-vXFwjpadD61-Vb8hgVay0nbjulV9euQXdZ7cOfO4EvI7hAaNR7f2jOGz-TCVOzMuyX1xo3oHhPpJMFVahp5iF3Xe4JrRL3hpmDV5o-2Cj26GwRWE9MLUSC5FcwpXzSeDmcUOv2vp6fMT9B6ehsrvy5V7k7clsSHvZS9-UdeQjbNVoVyz2UlRWiNRIxlsYnkDaEyKalB3shevjPi05gi5Li0cuy-dtmfOTpG5K7FQirhUoH6FmaqI6LySnCp3yKqeNiYbsnG791iaIyyy2njNjPk9sWEa13Qf41Z-M-MNYJ6kekYKjQQDH44pwBnyoErrnoalpa86lWx8mkWMw8utYH__pyE7cG-C3g22kyJY1_bzWrUAt2e45j9om5BMvzocNufWdHQalKmYdfY9FNsKenvUYHuamBdEbeICVI9yZV6BX7NOQYNwqwEZgcrRk9TPUf9BbDOaCZiedjcJeLqMMwJEi7iPgUv39hw9N46IOmGdzjlrDsAVZDhySej2gYWh73OcplYxlyKM19TkV2udPoiGUP2STafsRufxkbbTfy6-R5iDTgWfkEZLd_wTvUxKfQ8f96oQqmaiWTjbwsOiWD5ZMrQSi56XfX5348xcbN8vhw5lMdI-qMnQntFvV6VsS0f4NACIfWrLzqxkQ80_F0ddy910cXo8FQWHCbrHl1j_EPMM0iR2bmbt10Gfg5bHjVdiMYao5uP0qG9grtW1ejIkoj19s8GWO82Ghm1or2AYjlCY60sbgJwAYuIzNnNRLdqnNb4ZjPfcnC50ug9lxc-hTZSdjqOOkPBZHX222_pV-2XtLaC5njWPPlNsGFtkgRtWs5Wt2rbcKkV5QPTmy1xu4Qa00m5OsJXzsr9ePDgwEz8qeMrPg0S_gNoEKX4y16EJoaA_tSxwGx59HMGDQubeFG5D0RAsup8EpO0znrzB5OygLRCEqRMs7mdCQ2f_d9HVwikOnDlSX-9Fm1F9Wfn7M3r5ViEwh5oa0mpdRdeQEXDlGeGnzPwsDjwUa8JCpjklTioLkn_hBQcm9hPfnyiXNxbwNAkZVbLiPthzUd3EepgDDaRYN13bogT3CDiJHEUN4HNmW3UV0jc6BCsJ4OcBzDZ82xaDB0KHTb-1qa2jzRMOu2s4Krmithniu54iG4LGRY_NOAQ7Okxx-YCRCgeftdjGnieoHs_gBGItAOXtwbLyBnSajoVx_4xOakQTh9olLeCmI_-mFH&cid=CAQSSwBygQiDUUsI_XlylbNWRyB-nvWzRDD_HiGvIH2wXVANcQSw-x9a8twin3CckjFRzt9pTntbRAvr6GMfU3rFlML81GIaDXH-n9546xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=16947687642965395000&adk=1033480531&idt=116&cac=0&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45365159db0dc224fee9b2ffc3998259d3bc756805da8b2a14962b6da9702a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36990
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
19ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 21 Jun 2023 17:03:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 05B0 68 KB
31 KB 24ms
22ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2b3d7c74c827a66f1f2458bcebc7425ae86fede8f16819ce037e4f83f3f3ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31755
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame 05B0 116 KB
33 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa96addd2f15c727367329b69ee97707f45f85a53ff7eef4df5deef88bbeb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 02:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33649
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 02:58:03 GMT

GET
H2 200 BqbBBigLGMI_8n0ENPHl-A4LePB1t5RlUxvFXJxc2c4.js Show response
www.google.com/js/th/ Frame 05B0 38 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/BqbBBigLGMI_8n0ENPHl-A4LePB1t5RlUxvFXJxc2c4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a6c106280b18c23ff27d0434f1e5f80e0b78f075b79465531bc55c9c5cd9ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 344868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14866
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 17:15:54 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/q-mqyVPJxlA/ Frame 05B0 39 KB
39 KB 37ms
9ms Image
image/webp 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/q-mqyVPJxlA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

074c03b0f1ab13908eed1baa9536573da30af6312ed93fe750de24997941bcff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:37:50 GMT
x-content-type-options: nosniff
age: 1552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39932
x-xss-protection: 0
server: sffe
etag: "1686949728"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 21 Jun 2023 18:37:50 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/ Frame 05B0 28 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36aab54aba6ebd5a1d06f251cb08e6a22c08580c7b4e6df22036f21dbe9fd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8175
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 19 Jun 2024 19:26:55 GMT

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EA9 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B9E 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C4B6 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 05B0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqOCfy_yQJbmI628WNOxxKbwnlen3u2pZSkwaqQaRg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 05B0 2 KB
3 KB 36ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqOCfy_yQJbmI628WNOxxKbwnlen3u2pZSkwaqQaRg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:59:36 GMT
x-content-type-options: nosniff
age: 246
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2270
x-xss-protection: 0
server: fife
etag: "v9f7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 22 Jun 2023 16:59:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C35C 398 B
222 B 54ms
53ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXA_D9gQAyc6pI8JEufH-B2aGZehIAUhptSi5q_uFpORkXCZERL_ja4tvqtbL_iKBwrq8qKff7704Q6qXnNozMnkQQl6KtB3FfWFr5p1yRynMj8ibIBvds2fG8QF9rRICwopIYE2qlvfhaniD2W8EqUcvbl2l_meNuEfxFBltB8QW1freU

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8F72 78 KB
27 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dmp6OQSCpbx6FHMI9CK6pNXskrBNo4sFwNav4s9T2U2XFu6hk98EtmcIej8kJWHqbJlbp453TL5xZsa2nWO55CM9nvy9uhWokgO3oSmg31wZ4DnLk

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11001661722504871308&x=1&ct=77

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 8F72 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 8F72 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F72 178 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D713 0
16 B 52ms
51ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW5X7pexvBIUFOw7xg8NMbUeyhnaKhXEk77k0_bFJgL02-JQt6I6yHeACtZZr-IvAOO0TdlHrA1FIWlK6f_OeANWvpE0YQSx-CxhmgygT-r-Fo83c3OgGFLXPKf4CUr7FhxrnHsu1LkEoCWuoroV3wyym2cKxMSUm1HcMSJYS_uwmDimK0

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1ABD 78 KB
27 KB 158ms
158ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DS5mxdaIMYPsewNnj3Nj4VKWGcHa2XkJkZZl-ixnFN8XQYwc11XYnvr9SRJO6D1ryl2wr9_2KXYM0-NoWSYavlSlmIgIVCeMNhycgmX7Q5eNJqfrQ

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1980630504628841136&x=1&ct=77

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 1ABD 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 1ABD 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1ABD 178 KB
56 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 005A 0
16 B 50ms
49ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW2LA-vYDIcBwdjZbYvu04aNdf5wQfP-VZF8RAQYbFHf-c-DmCbXS3lFBEw9hIhZKVw9eQ5DcJqPdbLi3SH6DKX16TQLYWnGadRlCHfiiix98-N0d2iOlp0YRj1suzvzsMA0Xsle0-O_BRQG8sO0ioC3R-3SQx4-9r2WXuaYCATRO4Xe6Q

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C65C 78 KB
27 KB 151ms
149ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C65C 42 B
63 B 48ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BH2g51W-pmbZkBS1UI5eTyUKpqDU67nwEukxNtY-kIlLTwFtvW2mJE6t-X0DfZuj6jlLrkK3PxiKwc5RVS2RaRDcnBk5nGS3D-VztqomenDBp2ITU

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C65C 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6119218896691052697&x=1&ct=77

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C65C 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C65C 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C65C 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4FYUk_RGCbzKawJAtz-RCCD3I7pKmaB1IWdhdhVl1zHUPZm80zPm2t6XQXiS143xx-j6nrEU2G1dIeSgjg8AILdgFaw
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C65C 178 KB
56 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF05 0
16 B 53ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXY3foyET_O2uvG3clqs76Th8O34pN7AIOFEpQEgE1oRpg_C17YkusuzRJnKeXydZYpR9B8AFGf-fOmn3UeBOgu_vUPNX-BiAmilVT1nYAfotqNMmce6O7Fy_eouUDAx9p8B5WMS5DyC1rLC4v3d6NXNwo3GMR42yujtuTVnA3f5a662hk

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5AEE 78 KB
27 KB 150ms
144ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 42 B
63 B 48ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqZebih137QWLoOzAZNKjo-plF9UdQ1wWVm2-MAmddCRsyBk2CDGEQip0LeEQavpvinvPD-jA5UrveRNVhmfcuAEcUgotd4wfFNhAAVsEfS6VjQPY

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 0
20 B 48ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9179555485740904773&x=1&ct=77

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 5AEE 3 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 5AEE 19 KB
8 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5AEE 0
0 19ms
14ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJdEhE04RFv57Fv7rDeL48EYnGz56CdxqmL60HSu_Q_W7fGUxGVRENrsYKsDIEoFyfSKo7kxrTBK0llkEFIYJu8DGN_g
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AEE 178 KB
56 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 96ms
96ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx

GET
H2 200 cda-partners-bar.css
assets.r7.com/cda-partners-bar/cda-partners-bar/ 8 KB
3 KB 411ms
379ms Stylesheet
text/css 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/cda-partners-bar.css
Requested by: Host: assets.r7.com
URL: https://assets.r7.com/cda-partners-bar/cda-partners-bar/p-110f01f1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 771aeb453e02f8f734dbaff7ed27a1df8637dc029571a3099bc1dd2da1edae69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 14:23:45 GMT
server: AkamaiNetStorage
etag: "04aa08725a243b407113c051b2966ea8:1686666225.187677"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2522

GET
H3 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 25ms
24ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 15:13:50 GMT
content-encoding: gzip
via: 1.1 google
age: 6592
x-guploader-uploadid: ADPycdtXZOVPdaGIAKZSDhQezBFoACEVq8GTJU4fwzNnXsNk_jAagW9zNqueVEz-qxY0KSkMdA34Z_DGYU9OG8DHD85U4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21236
last-modified: Tue, 11 Apr 2023 17:26:14 GMT
server: nginx/1.8.1
etag: "8d242bfc70276e9b827cbc9217e0fe74"
vary: Accept-Encoding
x-goog-generation: 1681233974827693
x-goog-hash: md5=jSQr/HAnbpuCfLySF+D+dA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21236
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:13:50 GMT

GET
H2 200 profiles.js Show response
barra.r7.com/tailtarget/ 13 KB
5 KB 41ms
10ms Script
application/x-javascript 95.101.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://barra.r7.com/tailtarget/profiles.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.101.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
last-modified: Tue, 28 Mar 2023 18:07:56 GMT
server: AkamaiNetStorage
etag: "8004950a941b96d9c812191aaaa6ce00:1680026876.254966"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=519512
accept-ranges: bytes
content-length: 5253

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8922 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame CEAF
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

98ms
75ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 4e1506365f4aa837ff002b6c81b69b43eafa163624d62c52fb5cc95f1c30c6e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:42 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14047100088712104444978012362014
Connection: close
Content-Length: 1336
Expires: Wed, 21 Jun 2023 18:03:42 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:42 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 21 Jun 2023 18:03:42 +0200

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5717 439 B
387 B 19ms
18ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=undefined&cb=1687367022530&uv=3288&tms=1687367022530&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=c1ba1496-90da-4856-87cb-e5fe617a1d88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7973970cd66842aded3eea6392f3aad4178f1c2981d7bb482f3a92b4ebed8f4e

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230110-FRA
x-timer: S1687367023.538549,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame ED14 422 B
507 B 67ms
19ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c758017cdcbef7a1b8c3f280d560d6844b079effc62e2b7eaaea43dc18dd8093

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 21 Jun 2023 17:03:42 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
815 B 218ms
217ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687367022541&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1528&pt=1393640203&tz=0&viewable=true&ddast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2334045&dpubid=324075&abtst=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 51800285a1aa8a493c39a7d9bb3cedbda5a57df3d47cdd379a4fe120b011a8d6

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1479
x-cache: MISS
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
server: nginx
x-timer: S1687367023.546848,VS0,VE210
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 63ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=31589837&cb=1687367022529&uv=3288&tms=1687367022529&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1687367017385!ts:1687367022529&mntl=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-length: 0
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D449 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2970151933060&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D449 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2970151933060&version=m202301230201&ct=76&x=1&cor=2503743497171652000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D449 93 KB
37 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DthbYzTeve26u7OdmpQOYqkI-b5Gi6u80joXcZtDZVkypWO1WTrb-ylILR-N71p2mZJsRPk9R8cfwKryVvgbjP6et-jQ3xEb1B3GLGSDR6YZOslXwkz1Bo4PH0rPGOlq9Q1jJzRUcb5fjbaloDw8cqJQ1YtXQaABFkwHbBHUbVHDXu_KU&dbm_d=AKAmf-AhtzX-sggZbI5XUzd7SBREuTfm6Ni0ex9JQ9oPyySgLqfIVPyYtnmeahWL-_Zg4luzotmos74VYt8A0G7AFunuU0SfjDb7LvwmdZAO51Nw2-Z7urWPPbhXfZsxB7WWQ9Biij33XFm0Tt3ZhQubjwfHgPWndcFNHSbvQagGHnhqK-B2ValztMXH1ZMGmBR1msFNIlyuhiAc_PG60pvQzLzEoxL_auNvChGtDql7QzUbOpj2AzywVVAwBSYE0LeDkqfbyzZSen4I9E8X84u2fWnFZGwyy1Hz3KUcA8zgLGkuA0U07wDDGK2iFRunccvdS-QbPiX_p9YrAr-6EWgveMFnTzkcro0Hispq4t_6x_dvXWkAZ9QS0-ZIGhgUcAg6W9NE099h5KphVrmCF5UVmjzD_jjX5jwk6K9t0n7Xf3DZTTh1k2-64ZPIDfCqTU-NaTOLXDL4TPsNXNhpXw8e8GL4N08y847DCvzp5P9Ui-k5fD3zGgsAunDy5M2NK1px3jjS-KXZJpLv-14EUDpE_-b9SkNaJr5JYXb4yAbKm5UJHTLKhzqIkLC0AUyStIPsF-DoIIEJr8FDYmGVuP03Ax5wb7j8XhfZtVU-VZuz_3tZdWt5vnt3p9n1w9kikC3-ihUfAR6Z3RCPRRdTAnK68-cBRTOIxY7JKChCZOeZhinckUMtm2A4e7NQQM7ZxKVMYL-Zay63HKL2Pa8gN-uIVcKQ2fpskWKVcAc6-G1Qfap91gEHRYtE0lmdyz-JyATFxeWWYXNq1upgTKQyc0hEw8mzlkd4tFRDdN1lYtzf6inorXnXv4ZIMXdMClwxVomd4j24e0MQ-y6B7ocKGrxJWTGqzX10TPJVUqjJDXVPA_Dm_dXzNN_OaMoBTT2AWJJoPDqLIN_hqGXpWDXrdTAh7tiJngOUi3VTXpl2kciNd3FgyKesp2Le_Aq4i6kO34QKFRgeRaz19WLLcP10n1hCSJsY5SNmPAbbBlB9cX7_PiXoGqImJUPGPFSZHPZ6DkzJJZqI64eAEDRPsAENgG_oS1lalr9Dd0uPEIWu7dwpGcJ6cLCxONfpXtQ62LAFVHrPT8xhJpYTT0-li5Qn5pazrqYNjGQWZuvW3T9875FbLk2JG56bXLnSGW1w4-iZ63mwL4AACJyxr907ZSdW1muwKilDLPAQLOMsmpAmYt2bATXTIuUUBfwOvkLslSH3ZIar-PYZB36EL8Jobg01VLV-uJe1ThClEow2sZjwP9tzYZ8yUgs8ptsR3wkAKlAQ3TM19HMnpVIaOdINiaUKuBr9BHu4Y63Q8NDBknQ_nG1pgbUgutYhSAp3ClpuKTFpDmuYaRXZl8kGBH9YthvOsLBpFAzamvIZQPhaP-1TObedWiW6WwedmUtp5eO3zyo66dgSMFiXmbooaciePjfoc7i6qvkbG7K8OFUmnRshndIvL-bRfvVg4hh0g8khhYUIda5uoRSkj0Po_lowg6cL1B6LsY_GLh3zxo_N7GTgtgds0-c_11rsDZhoiVAF3iM6UYmwwKUyfGpUnhRqgvGXQ9US4wxc7f6Vgvx5gIoCVNLn7-qb8IK-zJhCdDL6jFrQigXztfZfxqBoYjA5-RHdwbp8IoTdubeQKz0-x026q2UdNi-23yOZnr0Gk3gITRszcmmfHodmN8ESaolWRVhdZ_Ueem4LN57RPA9eQ3Yv3D224TbNOZWD0FCOvhxiWDEsLbCsGkqcxSm85eDhT9ochW-0Y0RDi7Ihj5y8LYZXevZ-cPryAM1qInAdAEkKHOkNk8VckUvpTphNEWoTifOeOKysr7Iq57U_L0RWFaprxRU7-hc6JQn4K5Q16bxiuHV24IvwxA0Xos5ryojeA7KHgPHiMh8DvSsMeOEIyBwcL9HyWRvRlCvY4EwmHtICEuoTruTOz9bP086WAMw4nxrSDlYUPXacPToPMly3-c_7IWiys-U2CQeEY_5BPX-0EO2aSSnuG98Q4bkUNyzQOWwqurfLYehIH_iTENO7fuPAnHcWuHrAyFZm8uLOAHafeoc5lrBXI5THlI5YGkesi-KsxKe_0gPKT0s7DoT3hm66TtZCuvcuCbaWY1IPaSYHbGW6iIELvAlSW457CUPkFMaV2HuN_rI5TSTFg5FgVyISi1k7ADWlRHCNZ-Ppq5avlJYwI_w2JfM353D7zngM0xfoGYsa2TfugeWvB-arX7xrHF32eWMeOpyXR8Iq64UuOrM59G0EGQMNO7JvHXmcqT8WRGtCDrkTqYdb4VmP6f01f_A-LX-NYgBJcgdZuczLvqCG9FZk2Hu6RJgNGMuQw3Tmcyc-oXcCgxZ6lZs31enOAN45sKBDvjVxD5Bl7-YcIT8iyGrEyD6ro2HRJFBnvVoHbl2SZ7zxG_RV_u33ZMjiHR6J43bpbz-IlyLuDrNArfi8k4fvpd9Myd0MZYGYXuapopiHVuj-gibrqXw94LTyVzRCH9qcLp8XSoFQBZMDXGh-CZn4cNkdA2vrXGFBE6ZgI7QsqVoqfuVlrp7l7VmEybhEpx97qjpWaRBeQynEpBimwtdTP2BPHCwR7aDS94s5LH6WFYVFMYyfak0mRNKmxnyk-PqP9nYHRgQTz1VviJKYwv-TGdXDpQO9AaShg7wUMGkE3FNn9oqUjdJR0Yg0wb5Wzw_Jsymk9OQK_JZpvzlqswpmQpsDr7Qz_9BtmNfYILIZkI90beJr5fuIboW-AfsnmMcvcLCBvGgYPDsGQ1vspu1P0T7ZKAWNr3EY22zNLLnfNxB2MimkFBvYivyfPEUo1SbyqbsUJH919I5uF3sitelIn2-9hIdw0IBn1NZO0TvNVoaJR-6dsnRTgF7EIU95xK2xdbu-SRr7LrB8-qlSCKNI2ckxLaG56ErZMF49tLWD_WR12Sfx_u0_KkHBMM2onz0NMWEB_QC6wiVLwpXizkPsIN_r4OeKwaJcDz7x3hF_GaT46sIueTP6Ce3j6vdRt7dtLUigUdgW-YTL5PuglT60Cd5jk6Kkg-KruHk_w-L0j8RBjJ1odKuZMFRNGZoKuugHeEpw_ROczs1VMzdAnSlsXZkMwsy6Bb4Duk6iiRpiDW_KEv2abchziZkKb8myvtk0c5c5E7XZEKZnWtB4wu2e2YwG1cHvvVhlTWpfbBEzpThlD-_2unjq4IN_DGsCQ8Di-MMSLWIbe9uGlRPDABXnIGhabj9dha_eQ3BsIq0IVbDFBiNuKIZc9ZnCE_eGW4ficD-ggyIBUlI53MgjPoC1vX1mnhHHOCSeMWZ3QFNvrUZYWIzMwO223plLZqnj-mn7Df27leAdnhGZd28QyLw_tIVl2DtnhyIgUCj7yzLSDrUPOE0lo3KnrxQ66LIR9IIpK0S__l1Pv5xwEic8TSK7HCqbuAhBzUoOZ_Gq_-q_aK1ADCB76gnTav-Zyhzz-L2Sz9n1hPYRRy5GkWdQ3B0PZ5o0KBzOp60If2TcsJGE5OIsKKrjaUd8mDcu_C1LB-OZ6mQ9FjsYySDGXp8De8Zrk06ZKhimuKaIRZqZ4VhhTGgb086ZkhkuAqlGBwiV0_4tiDwkZx-77xV9H-nxuZe8ViuJUq7Kz6r71FcqL3F53gJZIW70gL4u4Y_SoxTAr2D6-l6JmWA&cid=CAQSSwBygQiDYnka_BzAvBMiWc_JKkzz1lmnqe7WR2UsJEyMP93dqtV9tkM8mhTHcl8n0HJ9eCRNoMrsUrmTjPog1Wn903MwhS6MDXYuohgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=2503743497171652000&adk=792902355&idt=233&cac=0&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93a9f9a2e66e93dd4617984832cc6a8455a154525398dcf6f87944bcbe153428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37951
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame BAF1
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
date: Wed, 21 Jun 2023 17:03:42 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame BAF1 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame BAF1 43 B
308 B 94ms
93ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame BAF1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame BAF1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

43 B
308 B

93ms
93ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Date: Wed, 21 Jun 2023 17:03:42 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 864C 111 KB
39 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 864C 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAoS3m2wNV9LkSdZoMSdgOqb5hM0VK9t8Rc94FWT9tsNGt9e61-mbzpxdYTWurS7iZ_iGsjz_HB_cFkcuaLQPFAifK6w&cry=1&dbm_d=AKAmf-AwIZvpv0ryhI4DV3I8oervX_yTqSsjeXVw2EXjAcy3MqXjDu9M22Msx7aQ3O6k_zTlokIEfbFnJlK-ce_Wa-v9QvYprHOGQndQ-Hn6iS2QMmM7NaKGQwecAxSdfBS9xZPuxe-UlpJf5ui419vgFVj6H39NgpDZKLow17RAeefhXwyC8boEInp4wbjfcrMva6Yt4IGFLTjC33_VK2hFkF56KUndw5MxyRK9gutXw8cLKBcuZ1D7N5jFuMWR7U_Sx2p7xK05V-9SnRPlkiQzJ9SLjHWc995oCEQNF3PF_9b7YOtMEPetwOvRTnGRzOmjxR5PhOjP9JuEnABbe2S2qeBelgKqK2E1v0GL_u8iNdnORAf9YYHbqO7BbGyc7AEYjmTzH70SwScqNIxzrsuQclm-A8rbKMNIDLsnDMX3q_yyQfzh5gbD64cXJojL9FshRzf1Swpa9flo99BV2ZSGGNZfH0Qe2jNTJvvDVJHYdNcQh9ubnT_aMCWvfpHoKkmcGILb0mnx4eFNOPb8qdmARgF3NadetD9HKvXYn3IChGLenSE-tQknXBvzoCPEVtX2R1t9u7OnSFcYXmI1UxXqSJUMBxRLzIPfluz77MHyKdJSj1opMhtuhlwURld6kgfVrc8xnGgieCp6e-8mt3NDzyRHAnu4shnRpioS-DM-f5N61SY5PxZgzMEprw13yrETGQiF50e24mcw658XD1z8PqDQcb2hB4hTEvO6u-QsP6gLSEK2ZjVaZJ9YWniXRcA65bZvkY9NLftzLx3_ptEr2nLNGlVTuSAZri-kcKPC7yJGOgeGYkR_ozFvTA-2U8qlHqPEIZjH8G3NUWKF-lhkk7hQVB5Yq2SKkqIrn4C8LMBd6mNpjtXyll4RJBL9oix6neG-wO1uL4zmFfhXu_wj12uC_vG8yLW5IQ4KNd2d3Ss5RkcJnQuWnD4GsnA3O6uYGc7_RupDYUe4HY2M8r0GcINI6HmiMleeYQgoYGHMYDHLPqz4CqKQQ5qH4b_yBQbyyQirfOzrp1WCLB6jbQ3bcG84vLz1XcSpXmDEusBrMRpqPWROJ0L532BxSK6wQRM8BQYRe7UgBa16dUzFZTDYwg38UQMkfSzfc8WfzbsvMFGo-8oeJyYKluuWSShYHBoJKTu4rBLaW4V1-WWWfVcZbJic9GnwdD4GYVwRwRQ8XBYEIeGMSnh5t0iOVLn3e2NDz615VyszKIckDcjddnHipw1ReW3auaB-dYw6rfBKtSeSL2aOKkqaupNa0DJIpi5xLKjibC5Gs9I3GdPcE5cQRtA-h50IQCe6CCihj1WCzdR76NtNtBLxrV2svAKGq8uf1vPyGZR0hJ8dQLKjLpWW7rHkotVkOy_XuHNIuUGVuJWU0J85BF62MCYbMpoiOad2_oZYmpOh_lCdIINYcCm1uOaIH_RCXZjn8sRic9l6mi8wNunxA2M_jtGFQOBvou8BNZkftM2IO_n3iHFIljqByy5r3eRv8RWRqg3ISZfRjf9voR6eM2uBPYer5xVPF7IO-3WD_jEd7pODmGbuqOYhqoWLvibPnxJxb73045OEA326hB9BjvDH493twvIfgjBsuMxBCv1cxzI7MO-_F694MWzJiO68Fcz_IzT8NqeUuWdWbPfAQ1VuFHT2nbingUbsrsnqOP6SSlA-Ow3XpK2PDw_W2R3pvX9MXScJqYM1jR1KB7AE3aWlkVMLoIWRRX6VbFqZKuempN-nU3rWWM29igDBbE5em99u9tXv7b1zBw-QvMM7V8SOCUH9GkjQ9vC1R5-rYUTm9FB2uTgGbbX5DOuqsvfqHl8eA0zSeL8ze1NDkP8oPC7HCUnx1hrpPGJAxbCU2QojZECdeAZc8-ycL_7xt8SbaxAbz5tCIn5OgBgfqft9d3GSd02Q94BayGtBft_w3daINE_MJelZHhv2HMNMYPxJKhg4XghgRQ2XiY2uI13XfT-8nWOLv84Vg3Z3-1yP6BQ2xN1sb3wLH7H49Ft0CeOM6v-JQO66cC_bBfJ1qch-hLAm9YcXzsmcIoju0zD5mAqQIyB3mBPdCf2f97jKDOLzQQg6le4E2cBoktpziOA86kugvKBCHeiQdRagrHTM2C8523O122v_YnGJKw2sBJqizubJQgQoZGilHtaloZpNMXwKL2Shf3G9okAsvq4-4oXPr7uxXKXxCuoWH8REU9NqEMln3-_Nm6IhG09mSzik9j8_jUmztZdIFXXmKUEMgXcBcgTaG52gMCfmoA_PTZBpGhv5quaGKrMSI3nQL-WftDE2-TwGni4UheAE3ffUtmtvpzqSSpnnviT-6d9eJT1THxHEiPVQDJjsRiQRShwKBz3WYCLyd-vXFwjpadD61-Vb8hgVay0nbjulV9euQXdZ7cOfO4EvI7hAaNR7f2jOGz-TCVOzMuyX1xo3oHhPpJMFVahp5iF3Xe4JrRL3hpmDV5o-2Cj26GwRWE9MLUSC5FcwpXzSeDmcUOv2vp6fMT9B6ehsrvy5V7k7clsSHvZS9-UdeQjbNVoVyz2UlRWiNRIxlsYnkDaEyKalB3shevjPi05gi5Li0cuy-dtmfOTpG5K7FQirhUoH6FmaqI6LySnCp3yKqeNiYbsnG791iaIyyy2njNjPk9sWEa13Qf41Z-M-MNYJ6kekYKjQQDH44pwBnyoErrnoalpa86lWx8mkWMw8utYH__pyE7cG-C3g22kyJY1_bzWrUAt2e45j9om5BMvzocNufWdHQalKmYdfY9FNsKenvUYHuamBdEbeICVI9yZV6BX7NOQYNwqwEZgcrRk9TPUf9BbDOaCZiedjcJeLqMMwJEi7iPgUv39hw9N46IOmGdzjlrDsAVZDhySej2gYWh73OcplYxlyKM19TkV2udPoiGUP2STafsRufxkbbTfy6-R5iDTgWfkEZLd_wTvUxKfQ8f96oQqmaiWTjbwsOiWD5ZMrQSi56XfX5348xcbN8vhw5lMdI-qMnQntFvV6VsS0f4NACIfWrLzqxkQ80_F0ddy910cXo8FQWHCbrHl1j_EPMM0iR2bmbt10Gfg5bHjVdiMYao5uP0qG9grtW1ejIkoj19s8GWO82Ghm1or2AYjlCY60sbgJwAYuIzNnNRLdqnNb4ZjPfcnC50ug9lxc-hTZSdjqOOkPBZHX222_pV-2XtLaC5njWPPlNsGFtkgRtWs5Wt2rbcKkV5QPTmy1xu4Qa00m5OsJXzsr9ePDgwEz8qeMrPg0S_gNoEKX4y16EJoaA_tSxwGx59HMGDQubeFG5D0RAsup8EpO0znrzB5OygLRCEqRMs7mdCQ2f_d9HVwikOnDlSX-9Fm1F9Wfn7M3r5ViEwh5oa0mpdRdeQEXDlGeGnzPwsDjwUa8JCpjklTioLkn_hBQcm9hPfnyiXNxbwNAkZVbLiPthzUd3EepgDDaRYN13bogT3CDiJHEUN4HNmW3UV0jc6BCsJ4OcBzDZ82xaDB0KHTb-1qa2jzRMOu2s4Krmithniu54iG4LGRY_NOAQ7Okxx-YCRCgeftdjGnieoHs_gBGItAOXtwbLyBnSajoVx_4xOakQTh9olLeCmI_-mFH&cid=CAQSSwBygQiDUUsI_XlylbNWRyB-nvWzRDD_HiGvIH2wXVANcQSw-x9a8twin3CckjFRzt9pTntbRAvr6GMfU3rFlML81GIaDXH-n9546xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=16947687642965395000&adk=1033480531&idt=116&cac=0&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 864C 29 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 864C 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame C35C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJqkd46W8RT8mcnam63eqVU&google_cver=1

43 B
163 B

71ms
70ms

Image
image/gif

185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJqkd46W8RT8mcnam63eqVU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXA_D9gQAyc6pI8JEufH-B2aGZehIAUhptSi5q_uFpORkXCZERL_ja4tvqtbL_iKBwrq8qKff7704Q6qXnNozMnkQQl6KtB3FfWFr5p1yRynMj8ibIBvds2fG8QF9rRICwopIYE2qlvfhaniD2W8EqUcvbl2l_meNuEfxFBltB8QW1freU
Protocol: HTTP/1.1
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJqkd46W8RT8mcnam63eqVU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C35C 43 B
163 B 187ms
20ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXA_D9gQAyc6pI8JEufH-B2aGZehIAUhptSi5q_uFpORkXCZERL_ja4tvqtbL_iKBwrq8qKff7704Q6qXnNozMnkQQl6KtB3FfWFr5p1yRynMj8ibIBvds2fG8QF9rRICwopIYE2qlvfhaniD2W8EqUcvbl2l_meNuEfxFBltB8QW1freU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5717 70 B
264 B 108ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=undefined&cb=1687367022530&uv=3288&tms=1687367022530&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=c1ba1496-90da-4856-87cb-e5fe617a1d88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5717 0
530 B 129ms
32ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=undefined&cb=1687367022530&uv=3288&tms=1687367022530&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=c1ba1496-90da-4856-87cb-e5fe617a1d88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 5717 0
15 B 9ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET view
securepubads.g.doubleclick.net/pcs/ Frame 9B85 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame ED14 70 B
265 B 82ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame ED14 0
531 B 104ms
31ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame ED14 43 B
145 B 10ms
7ms Image
image/gif 3.64.137.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.137.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-137-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
271 B 46ms
15ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166090&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:42 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 71ms
71ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 49ms
49ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 96ms
95ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 108ms
106ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 76ms
75ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
571 B 101ms
101ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 147ms
99ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 208ms
137ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 164ms
88ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 476ms
381ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
2 KB 214ms
214ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

79b2755fe82058c594d4715d0a503976bd00fd31ab5e082e1b0ecca282f256fa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5421296e-4873-4eab-ae5b-50c94106cbec
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 19ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=2270c632-7c46-400f-8324-0d56f5dee0ab&l_pb_bid_id=2370f16aec22e3e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04437644559093634
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b1b09e6761b2be855046ba8e16371f74bd0d963b795b8a590f463a6af811802

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 78ms
76ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=b783a91c-d117-4c42-a9e1-790177246fc8&l_pb_bid_id=238568652eafa8b8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0436243365519402
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 14a97d31c9782a3d435aade574180ddd34b27db4236c3357d6cedd753735b9b2

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 20ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=f06758d8-88cd-421d-9f49-dd5da54e4a55&l_pb_bid_id=239d88cfd02385be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28522029959007567
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 11f6ef1e014c639d0d65d7c29018ec8b8ff116298a59bf3b7c1806ac7e72955b

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 21ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=bd6f1b50-4f91-4df1-9e42-63c962884ca9&l_pb_bid_id=240588ba9ad0282e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0033468319847143047
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: faf1732350f309773abd157ee54880b49d8d7fc43f2201076c3a13729a8bb0f6

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 22ms
20ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=926b8b81-1ecd-4e43-a74b-a2f532594122&l_pb_bid_id=241550ae3aa1bee2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03592887564061065
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a87d3499b2f0386ed5a7ed239deeaa39ac293f540c342c8a56ac5f826e02b801

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
321 B 291ms
289ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=afefae89-2d5c-43f9-a002-c59c33c7fc86&l_pb_bid_id=24232e6d27ecf3d5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7846837942651734
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a6ae0528203cdcb007626769dc5e6895aebcf2968fb796adc874dc68bb3b480e

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 50ms
49ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=5686467e-613b-4590-a8c7-bc5942116c9f&l_pb_bid_id=24344e57a4612f0d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2026562626461741
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 321dff29d00ae0d8f64edc6c8c6278f898de2985a66d7f7ebbc3e5899a8aa4bf

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 97ms
95ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=44063cd4-7f14-4e21-8192-886aac17100b&l_pb_bid_id=24421f2d0afe287&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.518899261876236
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e791577c143893614d07a011f8b12ea70b5f7fa09a5a28372f9a6fd185d04e11

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
294 B 80ms
79ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=9d5999ed-d6c1-4e42-92b5-0cc51943f416&l_pb_bid_id=245e50fa3003076d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10840757794916533
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0065950453465563135f516963450dc674f95597c41ad178f646f29c9891be3a

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 29ms
28ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=bbb5c828-a758-4724-8929-187014e604db&l_pb_bid_id=2467510e763dbed1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10933953752816539
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3840c3650b0dc3f298d53ec0cad75b3e8c58fc41272a38b03ca7effb6c61484c

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B01E 240 B
141 B 50ms
48ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWub_Fl1tWKqxUFgAFyy5_iHS5fRZJpC9ngvO7RcGyUfR_7oYQmrxSxzkoHHPOsOFGU-fDAbR-cVTKQz7E-ZJ4T7eIduaF13w4Hn8IEIQkTLpkAv5pUcsSNmmf7arxdKCz0a5fPVA_knS_TOhEZt4Kt2aXGBc2VFsS5Fwv1uSF5uT_ATNuIxs05VXS45u5pdODD5zz9x6Sb6HA2Ls-N9KYstBBBxA

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2EA9 78 KB
27 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EA9 42 B
63 B 44ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ATQ0SKUpFQ8UoFr1LqH8_FUNd8ULV8y9QlyDvoC_71_Fim2WLejiSiLL1XYRvLapy5b3M9yfZr81ZlI9oAQkU1V6ernwoFmrZbHQWh9IWHmPIax4E

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EA9 0
20 B 45ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7374407698534579512&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 2EA9 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 2EA9 19 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2EA9 0
0 17ms
16ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuyzGRm5T9tP8Abn0aj4_dHJTjHpuX0YkH0gCufEY429H9rFPm-SqMzbtr-KiYJhgHJgWU5OjoJ-rCEGxkSl0GTDhJfg
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EA9 178 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 73CE 240 B
141 B 51ms
50ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNW1djo7qBWqGf21_7hyL8cD_gAR7rH5h_E1tXiCUDiU6SskqyaIs6UhdwPmmVz0ovsQVl9HkyGnLijurf73LroFG62sG2uatAbMx1_69enARnmRXRn6qEyG7TS8bxhwJkp9Qxd_Wvw9SEHj5aQ3iwQ6Fwf78fFPBR5YFtPZ0knbmW1aAZwIO-rWDNVYHWTiZp3ANkv4vRC2LrM51t8-NWNxGvZseg

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B9E 78 KB
27 KB 135ms
133ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9E 42 B
63 B 44ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2qMhYqGM1hKkTwyspUKogB2KjZgyrjpB9a9W3ZCxE6sFkYov_g8ANdIjoLcC9kpU9okr9SpIo5SnI_Yuh1_rKQKfnlfkk4v3jZUWC3gq6hvtgeOE

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9E 0
20 B 44ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6877162342574948089&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 6B9E 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame 6B9E 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B9E 178 KB
56 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F6C3 240 B
141 B 50ms
46ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWYmgpO-bnZEK-7ApZZO0nCH0_q56W2yuWuvQSx689e9GaJtLW11Gu8r7KcKuh31EqDhHOW2lAcuyy5-BmFvUFmtuZfu1WJhL8GQMVPs4Uso_rBYPu0rsoFSJ080e4CeVy4An4fW9XjrDo_8xI_0ivo1nncAlBe7T2J0Q-HAQ3HsEoMpBBZwyY0aBRoUYsjSxJUOsGnmQNB3uFi1C5viwgxqlA4iQ

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C4B6 78 KB
27 KB 132ms
129ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4B6 42 B
63 B 45ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9PR8SED25ybgalbnLSE9OMEG_FPklOtzVx_0GzCwneJ-tm5qs9-Xeyz5ACemoVnJzNH0JdKr5ikdkGqcrXKs7ZzMSsZZ5iNgANrbK4aRVqkePpoI

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4B6 0
20 B 47ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=636309029302438305&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C4B6 3 KB
1 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame C4B6 19 KB
8 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4B6 0
0 19ms
14ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLm7G9JvHIAEEACfc43TtSwI8X_GAi-CjbB9ihuLK2P0Z9WR8jOYZDrvpfytAxaUkCJU-g_GJigioF_2MK9CRFl77pKg
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4B6 178 KB
56 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H2

200

api Show response
api.retargetly.com/ Frame B6F1
Redirect Chain

https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a...
https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a...

2 KB
2 KB

130ms
130ms

Document
text/html

2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=3368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a0657d0916721948e2f27efa4bb974b5e2fac4e177c952a4a595d7e4a638e4

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7dadd3955cf39a00-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 21 Jun 2023 17:03:43 GMT
expires: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

Redirect headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7dadd394ac089a00-FRA
content-type: application/javascript
date: Wed, 21 Jun 2023 17:03:42 GMT
expires: 0
location: /api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma: no-cache
server: cloudflare

POST
H2 204 bulk Show response
trc.taboola.com/correiodopovo/log/3/ 0
227 B 21ms
16ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 21 Jun 2023 17:03:42 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8152
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
server: nginx
x-timer: S1687367023.823877,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 21 Jun 2023 17:03:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 05B0 90 B
134 B 20ms
19ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f26c0f67145e2169d441f121ded92761a6cbcd1abcc58aa9ca5212994a09193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 864C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ef6a06537f719a3a9ba2806000ed45deff3f057e3b61a6d597863bebfb22826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ai.aspx
tagm.tchibo.de/ Frame 5634 43 B
1 KB 133ms
22ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tagm.tchibo.de/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=14397917271&cb=3248436744&cbvp=2

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 21 Jun 2023 17:03:42 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 21 Jun 2023 05:03:43 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1687367021973&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2090414582&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
154 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1687367021973&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2090414582&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame DD83 604 B
297 B 38ms
38ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80fb9f2bd6e20f8daf288a593cc63977637524eb0305a2e3d787d547bb6265e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 21 Jun 2023 17:03:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
332 B 9ms
8ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:17:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 438379
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Jun 2024 15:17:23 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
129 B 9ms
8ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:16:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 10052
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Jun 2024 14:16:10 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
169 B 133ms
109ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 800a2f1f8f64c8d4a7377690e68af0bc4522695148299151695d6a83c628be86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
417 B 9ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 446404
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Jun 2024 13:03:38 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 10ms
9ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 00:34:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 404931
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 00:34:51 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
207 B 11ms
10ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 18:01:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 342114
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 18:01:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 0
20 B 45ms
43ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=701814311581&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=701814311581&version=m202301230201&ct=77&x=1&cor=11001661722504872000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8F72 15 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN_Yd5jGICvyv5zrafSgC0PFF3RnEqgRX4jeTddr-6uJpoEobsexZQ-bi-0BjdUeWLS9wA7zuyfwd3kfVJzHwedMb3bOz7HZJbDXEW3JeCCVCAmkc7gx5LjGj-2XfgYCtjB6AAJ81hTwjPp7TjRCUsdHeYLvJYvHIDEY5MEDqoYN0yY0w&cry=1&dbm_d=AKAmf-B06oq3KFpK26956DxDs58MadmDjxHO9tdlLUv1C11o6eF8gg_kvjGxuZtbqb5CuLjnsckqkirq7N4iwuIkg9YzeFlNb4MHzHjRVn3kZegQVewfsUlkZJzUlBf_H39rkEa3YVz7Zm7KOUtBXqbs6G4mJo4YKYbGdj3TpQQidyOvjs_GB1jhBL_--s0yqLO5lOGVVfaSQbxLymzPepJy9tN5SuuO48s9qS_PsjL4i2AWZzxRAeRCmUzbntDVSicYXpE1vMyFhswXMjAxk3IPfSHKVz-cyoAely5uQgJ6fOrecVFdMiy_3uTHppAHAUbMc6XOHm2aN0PmHkaZFUAyDQ7GgG4UmPyJX2VZ0bDK72cjPg1PWrf8W-LsLKdraDJXfdB7Iq0jB6_crK3_1AZ8bAU7fMsbGAT82qKgV5Zip8kjKoiu6jCqBmPvaFNsUFWPQi94lY8_58MpyvaG45egIZvsReb52c7B3IJsbriPP3tKD9j1-cBvh6mX2t1OS7pzhOVrxXDyL2EyJAcz9vHyuz9ddZX3RGMq2E7e02DoBBwebTsRTp61dHdCM5wmfTppNjjff_sDOJDS1qd1uTHgS9wyPe60RB6sukHUklGh4BbXKV35-Ta1DnzjGV6cGW9qLbnzJORA8xxBy4A3cmvHezPNHEJwSr746S1PC177WIQZXs46IxfVWC15-uzlj8riSimaWqJDD8r353Y6MdtqcAdriMG-CU89wuqGonVZ7i6MEwr_ufFzGTM7i3fp_8ZcRWidmq9b4jSP7YcpiHfKuDqzqbiskXzeW2lXe8E1DNwdCp8WPnLh80LNMSbga2XV3_kKkplMfN1CPrBb6zAjJBqjdeCjkTPzEE61Mbov94WF5b0Zds0CtinJ5-Yiqp3Y0mi6Jz7n7UrVoZl2YtEiq2kPi6wAUn-GJTQAjmHI6LGL0Rsa7rozsps4M6IjPP2GvD6teXQXwu3IEHqxA4MDM4xaCJGij2nj4OX6nARVYo5CQHuQfP6IVYn8hE-AIaj0OD5cAz0C5NaCUoGzCAF8O8gGPEstU7qIVTe3plvSf6CjywQYQ6t8mOVjzdbfhKPPAr3gRYOp-ocsyC8JFd26CRHzPGTqdrvQfHSAr8K2aSEOVZjsk-VtJt3tjBCm9jqUE-3-H_hHOwncm6dJdA6Hr5o1lV0q0Z0dgd8R-aIo0Lo_FzV2i6l7kUP9dPdDBgZEgzNSk_3mIGjXI69E1v992ndcAtWfDVURydMpPRY9sjkxZkXQHMnqYXSMZ8dncYlCbX5r1Y6O2dWnp6Mx14nOaJ9d-25cCSVZeqIl4XhxgYYi8e8NCI7uB_r8QoCJ3c5YBdO0p3FKlVH4rfpkZNVWsMQaaMsSoSqWVye1uWP_gk44Gfs3vgwHrLkQFEIb-MqNocdgfduyOElR9oGLufB-u3cF3BxFK3-FNFsQpUSAzP8yFxPKHXocPDxagKGXiuKWhRaLOTE9BfhYodhrXSvvxMZOcdFnukCU7NQzVTVgF49WWR333uh8orcRwRb4Zaiq9lFBIksqsT_S2orQI8yO5T8h_u1W-AkwC7XsIdZTKNe6WKe-DnXD8MYxWfwEtLvv7eyShwsRPjVr-lVoJcJ2HwnmzGCvP0qcyeAB3Y_9XB4gaPJc-29_kdfGATKtUAFsNkyyZp9p8anL7dBLMyc_lBJ4f1cgYr8luioH39pgdDbHWwQDCoYmjwTEi2cso_mYUwvv9gsVC6h9GvuLM4J-xKe7Z4DPGo36rH-zO32t3_jWSB5upni5-Q_yFfKqtMk67hX2Dv2mfyzR2djAPU_SHJsP5-oted6suDBG1ywoN7mPrBsGoPGHYWMQAcRZ-6wHRi_DXAB3xh6D-FmANW9as_u768mNDlZYksypxzV2aM__ZmzD6n82PQRuIAlVt-fEo6qAozzizb3T3Ncr4mk0AQMLacp_fw6BeLp2RlMdRPZDJwYo6NcT6-V2BJa-5UjpKrLiJYAIE8aCwyxNeqhE3uCbdPdbzeUWtWAHDHB9Eqh81AvydvX_dO-6NkHreKSSH_hH_5ezyokw5uLZ_nH6o4NayXFBLSWS2PSyZqG9YMcDv2XaJPlnUmWtFb-0hyVjSP8OUU5DHs2BkufySiAO5K-vnuyG0_JuwSBUVJRNO1MWTKXo8s8j4T5utnfzVHFNOuAugf5VsvQWP-7pG5Wao0pxaZiE8NfJlC-PwzTQI3-vjphkC8QjxS9yb7zX7oylaUeoKCzoIWltxDOZN7lKBWvHe6M5FODofl3kz3WLLVG4e9cjhXc1ksqHTraTdjYsIDbsVv4CwIN_uep4mEBeFq7BB6NDTe0iCNp_iDzcDXTKPuKGjE-Qf7G1eIHsxrFLFi9IlNSqTn5ujQPtzwx5ofg3yVq30d8TmHFwPDoy3HpDO6y3raghfJWNqn_mxePYtVqVC2hnhSp0VzQvCr-_lsa9ACGp-z82rPXcYpoRelSxlrU_NXLSx4nKKGpOkdjUszM1RBk09WhcgnaS1sI6TKH7Gt3hcNGfRgOa71ngYNPn9TXdUX-tr_fBoSF2XMHzUBpEYsXDQ7O7URcseMznqtebnv4K3C1KkskPxUcPkAztmYm-ZtIc8TOPOEr1ICsOKg_MfSxYcC1h2zdl1cNIs3DZMwmnjZjW6kEdQDd7fOEwhe3-ur7vCdx4h1g1VquBFHPRS9NWZsa0vVg5yr8AVoKiKSB9GGEIaUBoEvGcT_jLVe5uai7cGX4ZM0vply6q3wuRkIXvCnvABP1M13TYt4LUgQZ055NwbUXrEJjPFP9CSWPsWABzMhRPFLk5oo-TzPodAamScve7G8JQUYcYhM-hKJD0JVwfz5rsotlj_bI9GbU4jsmRt6QB1CdKw8ouM3MgeldyDXRNuwGftFW3yMonKPY48ZQxQxQpQSLRG_c1E_3vNvRgcVpGKH1pUMYUUm5Nme2CPegyr_z61NH-d_kBge6fExBlQKxUD_bjWVZA50UtODwXLNnI7RhZUezAbEkRRO1pCEkp3eWm7WULaEI_e81a964YsID7KpZPv2E9OAV4zC3Vfxslqp-9U9d99BaSw1CDgaK35uN1oGvNRXXwa-orgfCjX1O17vB3CB-4iwvIDtulEtSnvRXpCaRAGXbQ3e2eiChU4oFYCK_rIze7DVztS3ldXh9Bzf0iKAFJupwIy6fqgosPH-1L1iizEWR8KIOi13WvkrTbcW0QznvFzERvOO7O29dGLVEJsn6Cw9q0VhPkxFPMcczkEs-_uB0Cp0ArQQo5Fsp4AgBQIhTf3hnOp8hgvsC6e2fUUMtp2UAhmGkrrixwm1aVGC7WR_8LasbIZjVqTWF8IAMs0TEi_3OtCcu7dWwd72wFaDVSJ69egQ0gvAv55HGVmB3sCiB3nKcxAAqYYp-nthXHrgaqkXGORjNtZWe5e11svSfmczubvzQjg4WHkGSXJ6Lk5bIlKcUDWcMabheFngh2C5VxzFpbjQdAc-NeL-7K3hdvoNqhWum5VU-pI56gF6Ta5nP3UVET97N4kKZDUX0kGDcVl-dss8oxWNboAHy6KqOWBvsb3OcJcVw0e9zsCjdjZLcFVUTW2mR-04a0hqugb_yFCXSujHgFzfsBKu3EJKgzlbhn4fMpLVV7yGJmsXnnY9TDzJ5L5J0qWAC-V1H5HqLBRvC8s7dqzcqR_RE_AbZF8-KGr0yooU5Z647JocUFlULmd3Wb_WgI8uq70IfW2-eBVbqhEypN-m9uyATtKygYBrk9o0PEnZtQ5jaWBxT8_9Zkcfq4npn9Fa3mNu8qNfuBdzy_Eg&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=11001661722504872000&adk=3661671305&idt=90&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66289d95d7634f47455d58ecb38c3db822d264ec7d7034edd93ed95570934673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/32_8_8/infra/ 722 KB
127 KB 27ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0c52722acd658876392066c9606b7b8e9c380cfd452862448dee17960ae80b9f

Request headers

Referer: https://www.correiodopovo.com.br/
Origin: https://www.correiodopovo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956597
date: Wed, 21 Jun 2023 17:03:42 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: G6KV3VDJ5XQ6QB9C
age: 462517
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956598
x-amz-meta-mode: 33188
content-length: 129347
x-amz-id-2: fbAeo0H7EEGa1PgkxUwGoU4ANJuouW+Vr8jdc4I0J/iW0ekUnfEU2bQpf9B59QRFMJZZq1mimbc=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 05 Jun 2023 09:16:39 GMT
server: AmazonS3-br
x-timer: S1687367023.982884,VS0,VE0
etag: "f8b638d70028c8914209fe2cc6601fa2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_8/assets/css/ 60 KB
8 KB 7ms
7ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956642
date: Wed, 21 Jun 2023 17:03:42 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 88G1W7FC0N0XDB2B
age: 1410282
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956642
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: GcCXD8KdYBb+g5Vtk9wQ4x27v2HOc+dszuQv5xGzqSXRFMrTMu5VUVKloNv8X7kjr+70Cn2r9zI=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Mon, 05 Jun 2023 09:17:24 GMT
server: AmazonS3-br
x-timer: S1687367023.966766,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 110158

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C65C 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7659768160298&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C65C 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7659768160298&version=m202301230201&ct=77&x=1&cor=6119218896691053000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C65C 15 KB
11 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKG1DAN5fi52lVKVpAKOMapcL8rNIrAF5yA7PzPxepQMb0nnqUImk4nWYa9n8XMVKw2Hnnrv0GbPwTr32cOPw1pQCcUnotwTAXL7X8Yk9XxPDEPlW0pREK6g8Z3B2U5Dz7dsiD6KrBl1w0HIy91ln1qG1r9pQBRP0Ghlr5hjk5b_k9Dkw&cry=1&dbm_d=AKAmf-BEcWYhWz5g4FCQlyu9wQFpoM891Lt8-Zhkj--q66mmkFrJ2FcDs_2XFyR_K9EntIC3mY5E57Kf45Y_61ae5IRvg7VVvUjIDn7FKCgZoB0HNxC_hlpUNNmL7hmjnmr_XO-uaUjYCrCuY0cSoVkyVsvHxCRM8D-2uu7tZiC_NTNiwbZGXjQMxRL4_Pt-TWMlt3Md9j9gNj-4pIrCFTre1PJZOM2f2sIRvKoboMl7VXZIFRNt-UtmbTNpKkfjayBrYX66D1Tot_qYQWQRFpNOA_7oJF9rieew-DgUI9wKsmr-I4TuxY4N2x6z5c1wB4RrfpGPPjK1T9hHIZypSRMd_PHiF-PVXgfteS34ircHIwKpAFSZJav48r9sVSzrd73gejteBf9A1tb-CrRQruyTELjBodxMe4DtkvK84_2TQzvko5KpZ3_B_rx4DD6gJeCD0YSeqfdchkTF_wO2C-Vo2cgGvx1IfMvL7cg5run9iY2K2-c0LqXyLzSrvF-IehdYHwP1j8Ofcn9JwGmhhC9hhWUIbE_b6GqnQyXpj6fLB-BlBGFHFHMgD9q85eI8fN_vKw30YwWC5KYcjpFMA6ZZbLHSdOByt7sMS0FzqwBQVKETWD3XKyKoUIGeShKdw1ybPZRGwuI7ZYkvKnCF_iPOLt8TZbKGKe55otftGN0xOptjMgfOYb60CSZhpgURA1pQa2dTZQchwf4LY0168LD3c38Vj5oLU9hdlk8_R2jW6ITKC7UIe7GWY1q0lrjtQ3hAdgkuAhwoFrppJkVkcvVqOLu96TSqZyNFgUlj1R6Sv-HFvMALzw_lCCtSMlyhNjIS1HBBTyUh4PY3vTbupjDJTcokAy_klK7uiH9uR32tfL2WEDHpfMcrM5q8Zwk3QKsGqFiPHEdroursN8Et_-CF33uP_0cXepmnN57_2M119jUOEml5CDQ9UCYhQSmKRjauh7jAP_WU1BTI_F4fG092YU2gjSzuwSgABegN-8v6xGj6_H77GlG4P8l1szR-A6JVj3aumSUklbf40Tyas6AyufdW5gFcJk-r_bkn_9O5AsT-9QDbcm78hEg6cz-KBqtOHze6uAfg-nRkXSHnuufUwQbvy8DwAzv-3G-5-0zeU9tB6wvysbwBTDJCICae2TT1KsRZEktcpGcBDFVxCoeCeXUBg5VwCYMfpVqV5eg58gZJBxeV5zGfXokN03Z4me1jGbbr_43RltIZvfZ6c_hK6pAdbIo6MdNK0PiKKRXqeUBEdbS3zHCNToLWmLQZ9CU_EcphybTCRs64-Pb5gTBwrFUhb1_7_7ZTQN3hw7dmjsFxJlztqJNOqIVuNvEZJPZ4RydSDR_NQKyJ4c25Gnwd1qKS3ww6mYK1U5X4skap4RWr1QvQcFuZHFmcuGvgf-pA5PEkoMghmL-M2f4GyHtqFAcsF-SOqJteFxbB5hKDTgEumF8QPs5T1cKaOhhN6nD4WA-B_n3qMFq5FNgsWTtcANmKhKiAmqVGgn5kVS0Cvpkpr8n7Xpx7pq7MCpPjcz0Ua1V3Mk4PuSobVKe5iOvUCgF7Edm9I-iGL9I7v5uFRMMWSECD4n4Q2L0qJZlk4Up-sS0c7at_3K5ysc2Bf1CcAlYi3-HpO-9MqcajngGHNSG0rgHDDTnWAJ9PIT5586Z98WBXYLf8iM8h3B4o9g9hNzD-7gQnF3ugJgJISxUZrJWX1vpzO3UzTY3-xNvOyOgVDZMa2Pwu3Q5sX9hZ_OlYoMzs0FD78XImKesSfjRDdaAfduNoylxqvLwMpEGBRC5_kGF2CG_0OpZoy05A9VPVoPRTD8thXV7qfvl4AegpyrrDnVHr19_cJbSsfrh9OEiFO5sXg-9ZjqA0OOpKwNOEgsuuYU-zGwS0W44RWMAPofUig6cupegjsucjVnP8rA7ntER2ckhHbiedJFlmKQCvyZkrPyzly3Fgk8ZEyIXEKbrmrMDiZjdLVurjFn4n28GVDtFmy4RDoo_6SePAaE2FlbFuU43NQHW9DxlG5pKbFlEwau6y93UgZmeZgu7iwA2TDXouiRSlCL_5YPQxExMe3SDTcWKh5iwfohuvOORd9KCj-F5Qc5ZfSyI1b0gu7Kxaj7n-Pw1wCTHJ0-eQJKXlfOEIwOtahsyRO2YGuOHls9ZfvyK7Ttm8dDg2amr0GhZ50VIqhSP3YqVz-WxEjxPyRmcmmQWMuJFfaV41WpBAZNZKTQLTDBvnAiMu7cHjcYGW2FHTF7aarUP92TFa8XICQNZWaUkfl7mmoVyuYCV0NM2GXNrJ5enWfP6rexNGdNaLZKvFsl6e8s2JOcrdyT04D3RDaLZL380o3tIF2s52fOCoqD5rSFN59p4iSDa6soXsZCCrHXHNKhk5p4mKMM2qfX4jPzB3VdYD5kVpxgLPcvYISPtif-eRYkPPKR6RsahZu1k5wtFbomzLPTis2lh4XCmDeNRCtFlP8k_GSZGeJOlSFco-3i_Ed3zFwC_vFUgCrzKC5t24FgPpBYc4STt2Q9irobzAdT6JAy38fXhbJlJ3Cfxk8rg9U_wpoIUtG_D1dPPf6641NxC16fWOrBS6oUcbqle5RXpP9ZbLXaC3udQhnCfq3cLtbXXQay8ufePe2ZqwY9OCziRlFHqYl8pWfp83TM1NhvuXzFHOcHdh6704KbYnUArvAP0NeL3CBNxuYGpFc3PgzozdIPQ_7c739NzYermlv9bcy2iNgAdlM3dKWfu3SOoXCDLmZGX4OAjqxy-WtScRce71F9Ib2y_0kYnL0oKwoYEgG22LtvmMJnBntVtwJWzT11SHaQmrE3bXUpilFoFa_jXgG9x393UdguqLDXWp0UaNTynaULENJNR8EdyDs1NXr5aUvuzV4akAwSbbCbD9-ym4odWsoxlzSTS_3txDzMIDi9p5czWeQVexq8mwlLJCSiVak-kOpBZEJhlBnI_ykND8u0XVs_kPwLe-xYDdLEIiAlPUplsm9WuwWlekRUv3F-25Y2YPH6dO07C-DcNnOs397QYQbbmDbYMiJ50L4_PCew_H2dkBRrasKsSwFb6oT1DzRb4nYwtQEEHLZAUq0ffg0eD3AtR8VBJq9iA86mwyuJi2soRgpgzjpdbO44fWMZfkWvuJ9i-dmc9pPpcqgFp_GtHgdxDR8a-aNlWWtN6TGYQCybCOBvwpYXGow9On3syoQjt4NvqGe3MdQYzZocOdXqb3cC9IbfkL_P06IIh_YzjrsmKLWRUB8ejAMSV8JtcMa3MzIHiF6hkFzt6hxMNRaPPucs2bF1uAktpdmR9KoYCrwighfJ1Ac7V4SOAZqIflrC6LxzEEixU_KOD8C6jHKIusX7Wjo7knNo8KLosp_Yj-nPAWFfn6HCKiYmiRiOM9fnZI4M47HpiIATu17DuQR_fQF8WGoC21oCfK9isAanlvCu0wUiCZAfZmxFVLYF10XhWYqWXh_rtxoHL09Go5wKP6MOHZmBcgEpa8E8z3CPNi8MMxtWBhCRoyu4n_J5Oe4s1T2Hy_0FuypfgJcBvW76M12a_9z9Rg5G6Qr7IQeNSAMu5p_b9faD4lTMMVztWRFQlof2OMQOp-f2Oi_uG7gecurJoR0VJn_TuCM1eKU_5sic9BjQd9D3e7LRmUJhCePaZj7-3fMFWwdwzXX9pxSsx2_WrIbsbhsKTqrruaYCXSonaCyjeS6GQX4hegl9s1bhjS8HF4WkJlG3jaUcVGrdgU8VfCPX27T8w8R9ssYW0TnWKb7QJWh_C2Yj-tHqjqenv5GtJjiYgiIL0Dbw2vnKHrt1yf56TcgEzVAA&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=6119218896691053000&adk=496764934&idt=153&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e887cde188c26215d44e608578d19c5b3d3075e6b2fb084ef8c65e5ed60c8c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2268345881629&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2268345881629&version=m202301230201&ct=77&x=1&cor=9179555485740904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5AEE 15 KB
11 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoR4oFeQVWDSlG1aIdNhl_mOUkBkT2iP4Oaz3F3RjeBtr8cNIZ_BZVp0RUfGf_T4gpk7hbm7YxmPtNiNSVUq5zNAq4dRjfeseRCzQJC0ebM-5jzBNJ2ZuXZGBKWFf6eYrfvHKWH1A7YWE0g1Jj2yIsTeHoCZa1j0wKo23TAvQglURcsg4&cry=1&dbm_d=AKAmf-DH33L2Di1aejG_4scisEPs7-4hG6l_PMO39jTn9gNwj4MJmAVJKXRFF5YCJixA7qg8e7TwmOAag7yBzG9fgIJ99LgupmbLy87IOSQBrTLOGm7RjBDemNdxHsG6rwnmDGiYHiVhG13L0fy7Tjm9hSoye5Qq4TIFCvwRC8LW-Pw4e2mFCZq9TJLwCUjjJfcBH-58WcbrQwtEGJIww_l113HG-i-LKNrEBDI0PvAjnMvgwJDnKjPkDaWnnKH_INCkQzyPkBBnbY4-1f8J58V2BErzZySba5KmXwzcYMOI2iRwXeVEzbTnDL8HwkJFRvg9IQ8prB3hJHrV8AflOqMm253EJn5kOXDik4Hul_jqdZGbXS-8PKwuYXJfa0bNTQ-GHrrwfAneYwKuekNtBO5oc-Q_g_10d--7mRaY5wwzeDBMeOGSmWrsErYaESvvLKRHzEdZW2j37ffAogWuvRc3CzqIgGzJiW1FQn9ghEbDMEaRfzVezl87RF3rYdkfB0ilBEw92UWnsqfFwCdPupM0g1nsfNB5g11-44fAAgCg9fiR88_RPoTAIhP43HwraZjwvrQLe6c5m_cOKKQ5TdiccE5MeNMSWkgdYuRquooYofzVolBAoZmrVK4txz3KVnzcY0eZK7kZQ5p3qCTZ8gFW7Lfx8RS23ZCzkYbdzvIiKeeNo7J6O6own05NMADiOTpRQBUuIzG3u92hh7B9d1hw7qu4W3e4uzNHMkqYyxiORlzX63UIuclx3kl9R-WHxaDveYBReecQ8dGhm1COMn3kmG4YZkvH3_NsiJKxPLxe9wzo7D35Kc--7l2Ptkyrx4w_ECtg-YKGRZePRedBUuMVch6WId5D2NtpALdIEgfMC7LFvVlv2BN_BKta1-RQ2RQXhMcV8-WPikz7elRlunEix0qabexNj1m7Lu-a_FDuCPQlnVIKsp2Uy5F_B3JJGGJWidBM0kAgRzMJtoEfzDMUK_S8zp8ZzgBo-9a9lD0tXZK_rH18BGuYqqSV9B_3KX6EKpHW0I23fx-siATNXGsv9pFo3VxuowGE8XMhEtIsLACGUE-fOXgNG6QHWl8vUXPBLe4JDihlHpfi5A_ZiaR6XOlImA_7-F4-7Dqv-P9jKZavysznWa9LEHxeMp5ThVgSm3HwwpVLEpxO-jsYEhbW457TAYBijFokh-0cIFTuhtsiOUBtRHWOLYx7EFOJJzT2gaptvr80zvEmqIRyxpSsdqW7RFLZ0JGy746F8e7bUsyMPuHSMcjsd9vU2IzPZuG-aiWXZpZgyU7FM9XnIH3MZNxtaWfbUC-e1hRpbCjf4pQlYWDThRKgydrxMv61jBSS5DrKdPKk7nO_hv9YAyXSomzUEFtE0ZHEJixofRbL7VdTast2yZlALZzoVrn6svHKGWR6xCHJQCC14GZaJwq8HOv8cqHFjW3WKIcSRXiYbiiGWxa0PZtVucqUCt_iOqCgV6LC5bGrQIcFR0Em26TgjqJYEYARK2T73joK-dMRv8CsNQew6O-j745Cq9T7Mn2VlBIElMCzhW9utJ8qaz9eYDaYDpiZ11cPAIodrAFGMk3HnlwdtGOgVtWZ311zt3TShorglPoTqWXJpOQgF72pqnTGjFOf8hTKNSWpB1IXgX-usVnVZ8Gl0Fa7P7OmRihVUUpmAQV143fkOJ3kuk3nnY2wMxpN87cg54kPgJy8YGGYY_zT0LAIMEAJzaKE4c2spUoPzgoy2l_BBMkNWaYrUN30Kxq52hAe4G-9anNP7Hznjl4Q4-jJHZny_nPQSGJoz8ZxQSGYeemRjylwj4M0Sxmj2COHikPgdhV-RpgHQHtqi-2n6pW9mAvm5ga6kuus5iy_sVMNAMFgCNG2hM8B0s6G6RrelEEv8bc8JaKwNXopmpiVgo-NEjQA_s_vNPWvJqXKc4RVI0zJeWb5wdEjMDyckDj-gFkYXssGMsT00fHlls4euD-JzPt9KI6GrYfElFRLq-u9nMS98W4eCl0vjd8_7lXuHAoWODrJpq5azSxAZOwnSQGw8XXMPdeULSbaUkX6Y_n1pxlyk1NnJzPn8sEZF45jCL-3JOPhxA5bSc9pT-lASqPXruVRvNhQ1cFRDKs9vPygHvfwTFhDn676UL052tVfdnUD_wzKpm898k3XcQ2HMLVG0xDe-yPTNYEbSjD5aFfgUB5I1WgEGnOomHLMa_RY0xTceR5gbHsddyc-i8RTGJW1WZj6-vQsIyQqexdriOHYg9sVgOa8pTMELptjLfx2fpIeGnEzS3z2JvCHp1_KiBwyR1UNQigRo6V_jgQyPU8CecOIoVHMpaStwv6FJ-WAVSEuUn45l5EWJYjUHTGJrRHq_8Dli2Dyc1PPS5gPauNPEX1E48MQgXFbdq21deIxopw4SqSa51morIkjWLNbbnCeo0RPONyceGC8HpHTJTqDJMKl-E_ChjXS7K93P6r0cLRoatqNF1XdMq5IahYdIMUTdBViCa4Lznh5pwq_7chIi6zDGvjxTK-xee6_IZMMvwPByYdOa7nh8z0lpQ3DTVrOc9BeveJ30jSB7sPNzGVIkLDzcmKXy1GVpdUWFlhU7FAjwWpqWdl7bw0afoVFQ1d5O6b3dQBLF-jmtfbhZ3bfrn81XIufVaVsuPmh0mKpniegP9b5bs4JF6voCDbcfP4zQriEZBllDofENKoBQbVQgo2OZH6Unavc-gR9zFt0fug_y-acDug7-alCYal7n5K0UFg1VFt6KuWUjuMfxPPCrjim52Vgs1bXKz7jJh56bgQB0IQzeP4C53QHXoscLC-TekXI6chpqs9zpDYHjS1uWuH12I150FWGKfX9KfNsm3ODftbmvO58OhVHmOFLwluWC42in4ZS1UHLvyPD57gIgtb77xsfqOawIOnYIvwEWO6xdXAqquCAU1tpCA8kJBjMz4IvfumxSuE7JTGlWmj0PtahmKFguDvfwsUdjAeEf1dXK3zk1Rx8HyxQNdCRBJrojSfSBF_-1QwCqYBXB_i0YN1htR8d91K66NzD6NLCgFXeXXjjDM6mairut-TKOGxbukJCSixvB4Cowrto7sOoHZ2y6FgLmj2ePRMacqhJo6_aATokPyCPqThElz80jrnv9R9Ppf2ffz8UlzepNOJowNUcf1KEF_SfysE0Pby5Nfv-KxX8VSIAk03cVaKT8nxsgU8Xu8OKyb00seID4ko_Jn25BWT1DM8UPEcVfWj9-kqx8GGACL-5ORoMmKwkYP0Hop_4tBPSdKgsfE9dPW9qOuOJ_VOMTakSJB9G8ecQcYroMdTQubnwdAdG1OY8R9IsS22Pa5YMDt1zvYXAaEb_9QmqIdrDelPFt_lOptHE69seAITxkzo7YE3bCkaiWWCrtQ69BXelkNH6QwLOIBsHxbh7BHjm2q1MUepQM2oQlWafZ4nTDZavEZX3zon6Rsv0QpvTpRFeyLR86_ce8eC7oj9YVoLJsfigEWSSKkHFbOfsz1WlSJWH8gDNXIzXC4SzwQ2ainoqo5P90QQePtb368xLENZ3KPdGxiehsMPGHk9kXakzZpxjzVPN4gUyDgSL0aZ4H4ZeYLYCi59SawYPhV763kHVmbHU0amGFfBUCD4mxCzfoyw06o_1EYaFe6fAbHdr6k5L4_baY3PcEXhDFbe00-vQfGa3RiYlDHozTssNEbi663ZYr0k6vSyS4Lna_n5thrKcedTiFFaN-XvJIGtejl8kHeXA0n-ywrpc0G-B2TV66-w8qkHkUBWArN2nlPfBhtikQE6NzezxhWpho2nmXyNj1aNpZK5DCPLaKw&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=9179555485740904000&adk=2013371551&idt=154&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d96317f4b7bd6c910054274f8ff839b62d26f253810cb80fd3c887da280eec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D449 172 KB
60 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame D449 11 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DthbYzTeve26u7OdmpQOYqkI-b5Gi6u80joXcZtDZVkypWO1WTrb-ylILR-N71p2mZJsRPk9R8cfwKryVvgbjP6et-jQ3xEb1B3GLGSDR6YZOslXwkz1Bo4PH0rPGOlq9Q1jJzRUcb5fjbaloDw8cqJQ1YtXQaABFkwHbBHUbVHDXu_KU&dbm_d=AKAmf-AhtzX-sggZbI5XUzd7SBREuTfm6Ni0ex9JQ9oPyySgLqfIVPyYtnmeahWL-_Zg4luzotmos74VYt8A0G7AFunuU0SfjDb7LvwmdZAO51Nw2-Z7urWPPbhXfZsxB7WWQ9Biij33XFm0Tt3ZhQubjwfHgPWndcFNHSbvQagGHnhqK-B2ValztMXH1ZMGmBR1msFNIlyuhiAc_PG60pvQzLzEoxL_auNvChGtDql7QzUbOpj2AzywVVAwBSYE0LeDkqfbyzZSen4I9E8X84u2fWnFZGwyy1Hz3KUcA8zgLGkuA0U07wDDGK2iFRunccvdS-QbPiX_p9YrAr-6EWgveMFnTzkcro0Hispq4t_6x_dvXWkAZ9QS0-ZIGhgUcAg6W9NE099h5KphVrmCF5UVmjzD_jjX5jwk6K9t0n7Xf3DZTTh1k2-64ZPIDfCqTU-NaTOLXDL4TPsNXNhpXw8e8GL4N08y847DCvzp5P9Ui-k5fD3zGgsAunDy5M2NK1px3jjS-KXZJpLv-14EUDpE_-b9SkNaJr5JYXb4yAbKm5UJHTLKhzqIkLC0AUyStIPsF-DoIIEJr8FDYmGVuP03Ax5wb7j8XhfZtVU-VZuz_3tZdWt5vnt3p9n1w9kikC3-ihUfAR6Z3RCPRRdTAnK68-cBRTOIxY7JKChCZOeZhinckUMtm2A4e7NQQM7ZxKVMYL-Zay63HKL2Pa8gN-uIVcKQ2fpskWKVcAc6-G1Qfap91gEHRYtE0lmdyz-JyATFxeWWYXNq1upgTKQyc0hEw8mzlkd4tFRDdN1lYtzf6inorXnXv4ZIMXdMClwxVomd4j24e0MQ-y6B7ocKGrxJWTGqzX10TPJVUqjJDXVPA_Dm_dXzNN_OaMoBTT2AWJJoPDqLIN_hqGXpWDXrdTAh7tiJngOUi3VTXpl2kciNd3FgyKesp2Le_Aq4i6kO34QKFRgeRaz19WLLcP10n1hCSJsY5SNmPAbbBlB9cX7_PiXoGqImJUPGPFSZHPZ6DkzJJZqI64eAEDRPsAENgG_oS1lalr9Dd0uPEIWu7dwpGcJ6cLCxONfpXtQ62LAFVHrPT8xhJpYTT0-li5Qn5pazrqYNjGQWZuvW3T9875FbLk2JG56bXLnSGW1w4-iZ63mwL4AACJyxr907ZSdW1muwKilDLPAQLOMsmpAmYt2bATXTIuUUBfwOvkLslSH3ZIar-PYZB36EL8Jobg01VLV-uJe1ThClEow2sZjwP9tzYZ8yUgs8ptsR3wkAKlAQ3TM19HMnpVIaOdINiaUKuBr9BHu4Y63Q8NDBknQ_nG1pgbUgutYhSAp3ClpuKTFpDmuYaRXZl8kGBH9YthvOsLBpFAzamvIZQPhaP-1TObedWiW6WwedmUtp5eO3zyo66dgSMFiXmbooaciePjfoc7i6qvkbG7K8OFUmnRshndIvL-bRfvVg4hh0g8khhYUIda5uoRSkj0Po_lowg6cL1B6LsY_GLh3zxo_N7GTgtgds0-c_11rsDZhoiVAF3iM6UYmwwKUyfGpUnhRqgvGXQ9US4wxc7f6Vgvx5gIoCVNLn7-qb8IK-zJhCdDL6jFrQigXztfZfxqBoYjA5-RHdwbp8IoTdubeQKz0-x026q2UdNi-23yOZnr0Gk3gITRszcmmfHodmN8ESaolWRVhdZ_Ueem4LN57RPA9eQ3Yv3D224TbNOZWD0FCOvhxiWDEsLbCsGkqcxSm85eDhT9ochW-0Y0RDi7Ihj5y8LYZXevZ-cPryAM1qInAdAEkKHOkNk8VckUvpTphNEWoTifOeOKysr7Iq57U_L0RWFaprxRU7-hc6JQn4K5Q16bxiuHV24IvwxA0Xos5ryojeA7KHgPHiMh8DvSsMeOEIyBwcL9HyWRvRlCvY4EwmHtICEuoTruTOz9bP086WAMw4nxrSDlYUPXacPToPMly3-c_7IWiys-U2CQeEY_5BPX-0EO2aSSnuG98Q4bkUNyzQOWwqurfLYehIH_iTENO7fuPAnHcWuHrAyFZm8uLOAHafeoc5lrBXI5THlI5YGkesi-KsxKe_0gPKT0s7DoT3hm66TtZCuvcuCbaWY1IPaSYHbGW6iIELvAlSW457CUPkFMaV2HuN_rI5TSTFg5FgVyISi1k7ADWlRHCNZ-Ppq5avlJYwI_w2JfM353D7zngM0xfoGYsa2TfugeWvB-arX7xrHF32eWMeOpyXR8Iq64UuOrM59G0EGQMNO7JvHXmcqT8WRGtCDrkTqYdb4VmP6f01f_A-LX-NYgBJcgdZuczLvqCG9FZk2Hu6RJgNGMuQw3Tmcyc-oXcCgxZ6lZs31enOAN45sKBDvjVxD5Bl7-YcIT8iyGrEyD6ro2HRJFBnvVoHbl2SZ7zxG_RV_u33ZMjiHR6J43bpbz-IlyLuDrNArfi8k4fvpd9Myd0MZYGYXuapopiHVuj-gibrqXw94LTyVzRCH9qcLp8XSoFQBZMDXGh-CZn4cNkdA2vrXGFBE6ZgI7QsqVoqfuVlrp7l7VmEybhEpx97qjpWaRBeQynEpBimwtdTP2BPHCwR7aDS94s5LH6WFYVFMYyfak0mRNKmxnyk-PqP9nYHRgQTz1VviJKYwv-TGdXDpQO9AaShg7wUMGkE3FNn9oqUjdJR0Yg0wb5Wzw_Jsymk9OQK_JZpvzlqswpmQpsDr7Qz_9BtmNfYILIZkI90beJr5fuIboW-AfsnmMcvcLCBvGgYPDsGQ1vspu1P0T7ZKAWNr3EY22zNLLnfNxB2MimkFBvYivyfPEUo1SbyqbsUJH919I5uF3sitelIn2-9hIdw0IBn1NZO0TvNVoaJR-6dsnRTgF7EIU95xK2xdbu-SRr7LrB8-qlSCKNI2ckxLaG56ErZMF49tLWD_WR12Sfx_u0_KkHBMM2onz0NMWEB_QC6wiVLwpXizkPsIN_r4OeKwaJcDz7x3hF_GaT46sIueTP6Ce3j6vdRt7dtLUigUdgW-YTL5PuglT60Cd5jk6Kkg-KruHk_w-L0j8RBjJ1odKuZMFRNGZoKuugHeEpw_ROczs1VMzdAnSlsXZkMwsy6Bb4Duk6iiRpiDW_KEv2abchziZkKb8myvtk0c5c5E7XZEKZnWtB4wu2e2YwG1cHvvVhlTWpfbBEzpThlD-_2unjq4IN_DGsCQ8Di-MMSLWIbe9uGlRPDABXnIGhabj9dha_eQ3BsIq0IVbDFBiNuKIZc9ZnCE_eGW4ficD-ggyIBUlI53MgjPoC1vX1mnhHHOCSeMWZ3QFNvrUZYWIzMwO223plLZqnj-mn7Df27leAdnhGZd28QyLw_tIVl2DtnhyIgUCj7yzLSDrUPOE0lo3KnrxQ66LIR9IIpK0S__l1Pv5xwEic8TSK7HCqbuAhBzUoOZ_Gq_-q_aK1ADCB76gnTav-Zyhzz-L2Sz9n1hPYRRy5GkWdQ3B0PZ5o0KBzOp60If2TcsJGE5OIsKKrjaUd8mDcu_C1LB-OZ6mQ9FjsYySDGXp8De8Zrk06ZKhimuKaIRZqZ4VhhTGgb086ZkhkuAqlGBwiV0_4tiDwkZx-77xV9H-nxuZe8ViuJUq7Kz6r71FcqL3F53gJZIW70gL4u4Y_SoxTAr2D6-l6JmWA&cid=CAQSSwBygQiDYnka_BzAvBMiWc_JKkzz1lmnqe7WR2UsJEyMP93dqtV9tkM8mhTHcl8n0HJ9eCRNoMrsUrmTjPog1Wn903MwhS6MDXYuohgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=2503743497171652000&adk=792902355&idt=233&cac=0&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame D449 29 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D449 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5481996067979&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5481996067979&version=m202301230201&ct=77&x=1&cor=1980630504628841200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1ABD 15 KB
11 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7hv3pP6ZY8owfl32CTAQt8srESkkNyi-5eR4rX-czIr-I-iQy6eg-0Hx7L-p9p1dPPURRzYibDjeC6GiZgeeUUZBIT124kBV3Chg_cO0FY6OYHlJpM1F2ys-43sz7wtJ7Nso-5BnJiVGaCx5Est_gH-o9ZuK7itavx7PU4GSPt5kfgE&cry=1&dbm_d=AKAmf-B4ipdIEPRK5kz1AvEF39C7fnfr-SZqMn14E7EL-EIl2PHx8YrEwQkSoXQPpg9vlYHqxU_Z3k7VMYUIstegOv5XB_RheB0aFy62hh3DsKA4fE11KoOVD0xXsrpkp5Y-vENwjw_49dK0ubdIQeqFsELjgrDQJOP5EMQEFe4rdYZC-lSM65IU1OqzIlas8YQTwRZsXdAlujVlracNgCb4siWDco5vPTZM8T_xoIns2KgWTLopJUVKe0BGH6spwlI24kyb0o3lmXF6OPRD4xsq-lGawN_hNan8loh4750L6-ypWqIo-UmHuq7OunvOEuW8Jg2nLof0z1oi8JbX3WmyhzcQhSiOmJOan81S4of3L2qJoReDp6ww19-4bNsyQZLsvgLHVTuUM4BSACdl9Rhkq7ab1LRd0LCc4Efr1LY0yBHs3ZtDMgRgYaj6A5MUbKTl2Ftzz2kGhyf7eklYLatl-8RAmCQ0WKKOeJA5DOJhq0H7-NLJ9alqqSKoAlzHfTWrCtnXJHduhZr-E-uIHW4KPkZ3i5NBnDxuO1vmQ4U0Gd-bugKkFjE-EyGdTTlPvS9BYxM9DJ33DDFZbPFKenQk9Rn8twT107j4Xx80_Pw0Rr6FRAHlsCBbBzzCVL-_p0IRW1LkM0VxnWBukd0oGOOCFT2nBB_pPe5ef9817PaI6xS05VrrSJvpi98LAil4qn8XAveou2W8c9dVJ9S-7MO91Cn8umb0AG-lYL_RcqLYKAlnq6EnasjLZDYMHfiWEwHcS6ZXRwhZSX4Oej9EtszegRc-1Sp44RvmgIf2PQNJqKT55Ip8oK6-m1QUCeVQCR2Alo5O6f4Ej-k1bfF7jwu9CfEpcHHnfJY87fdXp0U2Wa2RTeZR97IlilFP6EsP-tpupIWZ28YvB54T42W2cLvMHgWjNKoannhYv00hiS_3HO0p2H9ubEXY9oabdL-TQRvevWWKmEcMpnUM9vqS6gAzYIZW9KzXpDDKXJ1xxQ6168yWoKeY-cQjdl5-U4-t_C49CRv53xwdblnlB0IkIzBkKyoqE2oJAKg0QKPvrzfS7JkaR-HIuXVxSbtlYa0vJqLgChxve4wBh0F-2bu1ifk_tAYG6bwprzHmJZ85-WL8sangCCVRd2YtqvYwyil4hKVBGKAHeKp0Ppw1hFmWJnyxZSqc3Y_jHfuURAdPHzcWw-E7HPubzIYDCNZezlaHmMldKRbhM7pmvalnRvwd6M59vwuj8Ig-4N1x5EUq_UL7DwTAxSgaBnL3eQ0bS-VFRMJhHp57_XdSf3lY64yCePWle13X_V_ZW7BVqCV3NdnyJ3U3-NgDeb4k_-ezQBq6058ad34l9cg7xpIAfw94cEDfzFgBKNJkC5Xs68rFvFbirKhJVMqUhx8ZXb_84vuy4nlsxr9BXY5OPt1f8km-B0YiCZWeFtmEYtKJEQbOk1zRjhN7bWYNLChxOohaTb5ZbaQ_ZOI08uExYDS-i45JPjZfznTyTX9nHxOvowKuvEjVqKgg8Dnnu--GM7MwYZd8qT8ICHt9fUg-HLn_d3HvrnFWoFwhQ5hseHt3RNgD1Xo2nP6H-3j-9_hcq_NspXJOH8pU53UjSyVNMLIBoJ4_k1X0a-XNTbkYNVQpmk5Zn-GMjHObEeYJ0Zu1g7w_OO-94L397PygmPEk1f6jz7ZAXmlqkTVMTZeV4kTcUoJ7Cdmh1UhmJA8SXiG9cVhGPjqhR4J_zkJ9kI1uKMoJnMevsbUVMa_XqEIX0Ya6yj_yIz8Rp-szU9Fq09o-3vGJg_S3vaTuUhslDbWHk6yjlRJxRFyixSRSeMgbgZulX6PGrvKrcdoFyNdrK3f8iNkTg0NcYcVoAdzwNvY1wZspx6hDl67uInXeboYQpu75lC-im3g_N7MaspnLjU0MaaZvoftmUwwg7ef1s4PENfot6mMf0FzKtoHPEWTYgbsDWo282dceZOaYfFzhFmnGVq24vGKh3VFx10nFAHP7kTmY0MNVQ1PB_PKOK2rG6aY1w5q3w-5mOPGmaS1OJeGKa1KHO6WW4z80_jq5auhEvM1O2iwo0ASSB2g-ARnlo9Yl-NfsTvOtygsyO4Zc8GcB3-HbVj1UtlkyIEcUN4PXxE3Hl8t9q8vrUaooe2e0UU2ljZZyvQKpkA9gMplNr_317Acuwh7IINmSJEQvaqgIqgqkJTXpxZ4ygCTPZFJto_WfsZMfKfQNokoNW6DYC1lU3Katbzgh_eoYWRNm9EQPImgiMl0E23Dg85HpS_36cFk26_1D_OBrAUVMPo8UOKVhJuWbNUgktw5H0gt-ZplvbkvV326MWj74V-W3lbqX1FpK4D29eVi7QK1uve6JXPzMqROog93DNwEezxi_CS395H54KGvsRyFhcE0Mp6ZAiQ3bQQbroqrPsycadU4856JmnMV1NuakVBFLMSOYi7Vh1OiaDlrwL8xILorlIxioixAxB-kv24cwF8srR_gZFqzz2C4TseLmmTWYokzaGCE4UZXVEQtPmYGdeSxzFIPWJhrcACwyW-bvWXy6_4QssyQBLnaeBWFu2Fm_dWt1mhpQeYDi9mSYO8hS5g9ENCdzs3Wv3kl1FFClv5exMNcOgo2v9oDrRmKqEbRPhQ3PRW5BKqQ0qZa4h4OBm4Qbu_F-YY3T5Ac7nFJ3uTToEKP1DpxSuhPOza8EEODAyx7oohVNh2EmhuxYyB9dxEGDP-qfhBAVlHwsc-PBXJTGTOYn6v5yBj4PjEe5RXktE0kTQlGS9ptabKPiu3C6qQa5t6XcWfslx6M0x6x088rrj33WLnxZAGp8QF9N65VAlXLew-FwLAcr_19u_mTs49Ap9BQHpcg33CKUDAR4rR9J7qbx9P2f_1oGC1Wxu8cWxat70rIlHhp8hs0QURUT-lbl6XmI4cLFh8pF-OcFYMUwlg4g5__b2geEleyNYEyBBpRFBj3G8ML5iYBWivll2djzeRRVoO-UdhjWzK0FXOBtVnB-ZJR7DaNtzPAM_xVqMyoTQsn1pClAyAwHQmQpWUm-yE9OOqidOvBBQjCK_61ICOtlZf-NF_5sLmkWpjzzsQjBixULlwLq0JtMIIhoNkeC6p7BLzqvDXOQT-8ZYB1S8HXl7ASOLiOru3fdpcc3lyKmItFMhjXCZyNotM2Re-RZyBd5TJPDg5Rik8DaxwkGvMlNBr0FcpuloaFgf3rSM9nJDkM6QvbcG_SvLh81IMaQjNAe-yYj-RR4WEySRkJv3rLKv1m0CMI4-ik8Jx0X4zionBAkznfDs6bg2gV70_ZagKXHwbfiIVZlGUnEVZRDzRb2UOteJW3xKG37_O7jXN2MHB3mOoEb_ShluyS1eSodfYg715ViwA8uvh_Uj0TmDLHF0PeoL6n0RXY6apDP23EBzB_d0PZr5f3A3a4G8otTqt8ooEixaInhHrzYzDOrL70PXqQVLi-K6rS_q7Nd5xU13xChpJ3AMgeeJ7dWKgtSmJciwaFtrsjHh6AJXFKYHMBihafTIbdooHvXGLNGb1imacP0N9H6vo4a9n78q9o2rW8BTQG-kwdXDlonyhH4UhzWPegv84ua6JMCgNmEY7BGdHHC0C42Tj8yjIfFoVuwCvq3zSl9YHvx54jt1LR9ddsfd01e0MAt4i5wKYWGpkzzl4zT1wlwUzpL7K_Y10_DMzelxGvm3XY_0SVZ7fpIOiVZDufgmY7qygT7SGfD06aSfFaiM-mffTlYpMptm3zJGsTV6A6eYas9TdtCfEMwI2W6JHYfB_Ib6wYOx8ABNoDgNc6lAaSEFeLRN9tagB8kpsy-aA&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=1980630504628841200&adk=2265872549&idt=162&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ab7505ca4f1ddaa78434af8d18b9f0271adee7b6082593ac0e04196219925f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame B01E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

43 B
645 B

33ms
18ms

Image
image/gif

2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWub_Fl1tWKqxUFgAFyy5_iHS5fRZJpC9ngvO7RcGyUfR_7oYQmrxSxzkoHHPOsOFGU-fDAbR-cVTKQz7E-ZJ4T7eIduaF13w4Hn8IEIQkTLpkAv5pUcsSNmmf7arxdKCz0a5fPVA_knS_TOhEZt4Kt2aXGBc2VFsS5Fwv1uSF5uT_ATNuIxs05VXS45u5pdODD5zz9x6Sb6HA2Ls-N9KYstBBBxA
Protocol: HTTP/1.1
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367023089057-568
Expires: Wed, 21 Jun 2023 17:03:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B01E
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzQyYjgzODhlOTNmYmEzNzY5MWNlZDhlNGEzZWJlMzY=&gdpr=0&gdpr_consent=

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzQyYjgzODhlOTNmYmEzNzY5MWNlZDhlNGEzZWJlMzY=&gdpr=0&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWub_Fl1tWKqxUFgAFyy5_iHS5fRZJpC9ngvO7RcGyUfR_7oYQmrxSxzkoHHPOsOFGU-fDAbR-cVTKQz7E-ZJ4T7eIduaF13w4Hn8IEIQkTLpkAv5pUcsSNmmf7arxdKCz0a5fPVA_knS_TOhEZt4Kt2aXGBc2VFsS5Fwv1uSF5uT_ATNuIxs05VXS45u5pdODD5zz9x6Sb6HA2Ls-N9KYstBBBxA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzQyYjgzODhlOTNmYmEzNzY5MWNlZDhlNGEzZWJlMzY=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367022956072-578
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame 73CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

43 B
646 B

32ms
16ms

Image
image/gif

2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNW1djo7qBWqGf21_7hyL8cD_gAR7rH5h_E1tXiCUDiU6SskqyaIs6UhdwPmmVz0ovsQVl9HkyGnLijurf73LroFG62sG2uatAbMx1_69enARnmRXRn6qEyG7TS8bxhwJkp9Qxd_Wvw9SEHj5aQ3iwQ6Fwf78fFPBR5YFtPZ0knbmW1aAZwIO-rWDNVYHWTiZp3ANkv4vRC2LrM51t8-NWNxGvZseg
Protocol: HTTP/1.1
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367023121026-506
Expires: Wed, 21 Jun 2023 17:03:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73CE
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODhhMDI1NmY3ZDRlY2YxZTY4OThjOWQxMmIxMmQ0OWE=&gdpr=0&gdpr_consent=

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODhhMDI1NmY3ZDRlY2YxZTY4OThjOWQxMmIxMmQ0OWE=&gdpr=0&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNW1djo7qBWqGf21_7hyL8cD_gAR7rH5h_E1tXiCUDiU6SskqyaIs6UhdwPmmVz0ovsQVl9HkyGnLijurf73LroFG62sG2uatAbMx1_69enARnmRXRn6qEyG7TS8bxhwJkp9Qxd_Wvw9SEHj5aQ3iwQ6Fwf78fFPBR5YFtPZ0knbmW1aAZwIO-rWDNVYHWTiZp3ANkv4vRC2LrM51t8-NWNxGvZseg

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ODhhMDI1NmY3ZDRlY2YxZTY4OThjOWQxMmIxMmQ0OWE=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367022998034-600
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame F6C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1

43 B
645 B

39ms
29ms

Image
image/gif

2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWYmgpO-bnZEK-7ApZZO0nCH0_q56W2yuWuvQSx689e9GaJtLW11Gu8r7KcKuh31EqDhHOW2lAcuyy5-BmFvUFmtuZfu1WJhL8GQMVPs4Uso_rBYPu0rsoFSJ080e4CeVy4An4fW9XjrDo_8xI_0ivo1nncAlBe7T2J0Q-HAQ3HsEoMpBBZwyY0aBRoUYsjSxJUOsGnmQNB3uFi1C5viwgxqlA4iQ
Protocol: HTTP/1.1
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367023110060-586
Expires: Wed, 21 Jun 2023 17:03:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFIMEmN4sWgjp9o5QqVatvQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F6C3
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmNmOGExMTI5MWVhNmI4OTM1MmZlZTk0YWMxOWUwY2Y=&gdpr=0&gdpr_consent=

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmNmOGExMTI5MWVhNmI4OTM1MmZlZTk0YWMxOWUwY2Y=&gdpr=0&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWYmgpO-bnZEK-7ApZZO0nCH0_q56W2yuWuvQSx689e9GaJtLW11Gu8r7KcKuh31EqDhHOW2lAcuyy5-BmFvUFmtuZfu1WJhL8GQMVPs4Uso_rBYPu0rsoFSJ080e4CeVy4An4fW9XjrDo_8xI_0ivo1nncAlBe7T2J0Q-HAQ3HsEoMpBBZwyY0aBRoUYsjSxJUOsGnmQNB3uFi1C5viwgxqlA4iQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmNmOGExMTI5MWVhNmI4OTM1MmZlZTk0YWMxOWUwY2Y=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367022989053-592
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 632 B
302 B 310ms
309ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=2689278792155946&eid=31074824&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=21715141650%3A1840275%2Cdesktop_square&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250&ifi=18&adks=3822297798&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D6%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dsquare%26secom%3D1%26tier%3D1%26requested%3Dtrue&eri=1&sc=1&cookie=ID%3D24374c29096ff7d2%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZatcUSJN77lwWveC52MzCRo6eHAA&gpic=UID%3D00000c326f282931%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZDvftnhDeWWJVkCY6Fap_3iNVKIw&abxe=1&dt=1687367023028&lmt=1687367023&dlt=1687367019376&idt=1063&adxs=1034&adys=5381&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=15&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=336x-1&msz=336x-1&fws=4&ohw=336&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307f7b425be5f92185ae9899e004c3dd5181ebb15bdfc95dfd2d43f9876beb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5634 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJVnbbS2TZICkA6nK7_UP0LKH-AGo0IiacLz3juKREaKIqpmRKRABIJPTxDJglYKYgqwHoAGCkOWHA8gBCakCigNiWNpRsj7gAgCoAwHIAwqqBJoCT9A4VOTMyAca4wZG1hTxohibdPtP0RyXx86WmyHBCq8JwV6DXHEwo1ht0jIhYCzS8V1j9FIRuyeWeWing_qn0ZkjZBtKhLMykEtBg3Yk9vPRBc5o8GvOmJEb2QatbiDFH9o7UpHiwAnhHqqiYvUHjQO0mDmQiV9fBdGoo1kPi-V10wbtWtLfhcHuJn92dDqAqPpHv96YQ9SU0s3RmVWnilBnp8qPHtQ4MRjFQSad1nUFNVq4uZehK4DheOIPDeUtOYvGfxFGWeS1VXqdtElKeknY1AYd1k0eXBrtGQkAttsz8mQYfPMUeVp6Eg3jkk2Yc1DzFcBtjMP1KzTLo71Nb2vV_yikYrpC6Y7PcXq4T5ZGa6kTWtugppYDwATav-zp3APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzIGtKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIGRB9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwG4E-QD2BML0BUBgBcBshceChwIABIUcHViLTM0ODgwNTM1ODI2MjIwODUY16EL&sigh=dDqmwZnd6Gg&uach_m=[]&cid=CAQSTABygQiDFmgt5HRl-FJ4dul9tkhD8KnLk__ZuV26JydKhRcJ1rlqPoTTPCEkeSh6LrsP0KEGlesVTZgTRvXAoplDh5DuCohbBArhLEUYAQ&template_id=484&cbvp=2
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1687367022183&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1228446982&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1687367022183&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1228446982&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1687367022275&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1724352342&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1687367022275&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1724352342&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame C1C5 50 B
89 B 9ms
8ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=172526348210-or5nfffa5l6rbsvruouad2070j7ngoec.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Cy1mcuq0pv0.es5.O/d=1/rs=AOaEmlEhj5HVJD_ZY3G6uojx-6HYajJIjA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-QDyLActa5Z9d-9sSGHJdqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-QDyLActa5Z9d-9sSGHJdqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 16:57:32 GMT
content-encoding: gzip
age: 371
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 21 Jun 2023 17:57:32 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame DD83 9 KB
2 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 12:30:51 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame DD83 149 KB
150 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.v28TTIwVaSQ.O%2Fd%3D1%2Frs%3DAHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:57:33 GMT
x-content-type-options: nosniff
age: 367570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153068
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 10:57:33 GMT

GET
DATA 200
OK truncated
/ Frame D449 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d9dd9255702a65fb1e002db15a9a4013bb940430a2b0c1133fe74087aa869f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EA9 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3851251006634&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EA9 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3851251006634&version=m202301230201&ct=76&x=1&cor=7374407698534579000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2EA9 93 KB
37 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzdRFhBlZYhB8iv7kUVxvgEl6Z7ioljzvj6OXkopJVDtBTOGWV4Q3FeOQx4sFeVRBC4F0HIuYrXludvJ1WyQfep11r6F1Zv2FjqLtyGI69fNmDrkpSSNurDIrkLS7Tnll9RhJbUTvMfzjo_kDY0BJz6SWcSI9h9N7OGDMbwGwZx9AgFqg&dbm_d=AKAmf-DlJ5PbceoBaB8oOjwGTG3Q0PUIqgkRCriwHDu5_hMY7Y76uYl2XyKirnWOX_CQMdliXBt599VOy09QrbjA9TRKgqWyY70sE_x-JYGqgE5pg7-0HSrvygzmBs-OF0LtPeRuRX5fXeipy3PYR8hz63q9ldZOw1M2scGCMMRiyeXUmOK-z7Noz9pi-tt3idiqPmQXQYiI7eTz-HscLrlCDLHM5L9-7HsrVKhPK0TF7H48kGk2Lx4RHS_j-LRaI8_R6jcETnpmAGEI_oNB59-YXU2yvRnsY1eza7mzGwth56dtVIjn4ARanlBwcs8hNYQS7mj4dDEoeAj8qBLXlXoWSgPNMW6dN93yy9EfcYH-iXfyLdimWoW6PUvugkumWxnmSygzGnw0uv8vBu6hAX5O-aj0XznP8YTPFoIe_-iQld_TjsdEJIipz5d7MrB_lrkIIrXsvWzQgDvwd4tiO8rvzl-XUrR8t4ACywLkQqc1ZS90FcjreU4SjKa_5HspjrmW1jPH1377DOf4J1rwkt8TXe1LM4IO15PDaPuHtZDRk_ZCDo9AMCtsSs8asbDz-xSqRY6XDCKranpXlKaCyxBw4RtSnEIYBwvNL72Wi5dNYzjvbV2tFeWqFfTkDWEOc14udGpsD5znijUjYyHa2yXSg-Unm_0ss8CxN5oHoVNYmBzTQHPq1EA2Q5rczA_0Ghv6m363eOY_4V9yEQvx7ZiISWn3UECk2Hf-yVuxNr90JJOF8HbSsupxXaEOkTxdPqI81jmqNi5EPAlF9t8jZ2IHiTFwKBh5D9olmLqVjnrx5QO5T_x4frp7PAXGdgkLjKz_Kb4km6JeaMDgrn-C4QHT_Mts3yaigjDvm9Ds6S_8_EL3hE2WNy7RzSd9fvCjv12rsDrSxeOs27I33Hww_rriCtnnnpQexdDSEh7qZZ7IZE_Axhf5Jb1hTvxF0cU7bXfObW7KGcCRFV2sWyZLaBUdiLR0BcTzM5eC-ShpIyWYL9UTHUp7Gdgb1KunTkXCZYbQEAHrD_fxnyg5UQ5Q65PnfypVQLbsqm5-l7ehiy0H40WU6onhu9nafIz4RK6Hczdzoq-zgIgKM8ZRgDvVYmEFPiY1lO4BAo8RlSR9sImSeQIWx-fx3noFWZbEfON6S4Tqju13yIvOesgVssBmrTgHTl1L9OOCfxjPp03fmAOSZKq7ArH9L6QdeFEFpZ8OiRHPydPgrDr4tR6mbDrpI7w-PenzFc8Tfs-pUOkdwob8iO-hkXd56aw11-79wZbXMEP7-h2je9A28QAO7d6N5UcGlDact_P7W5fqnO6oaNAgZ8MaEaIpSkWBoRygBPwKJQqNEuF1K0-6Lnin5Wjw9LWOGT7zucaNduvw8AL1uxEspWkoMqEgkD0s4Bk-suQ_ReIDo929HCBkpKyEifQDYPAoStPDk_zjLIEOWv70O62lHDvgVyX6wQrcAzr8OobHHCVWVPDKmkDpqVABG2y1w5i3BEyypoT5nEO-Az5rKp_BAESTriAmwSvtHwfRMmXghkXeSIuIfBlIgJ5jXWZc67-avHa6Nztwyml9CA58yz8jB-B2V5Dk3dlzDEgAdYixiwK5C1j8iEvvhrAb9-nKecobGNovVmaW2TrsWLvhV88QHR9QdRYhE5lnm82bh_4DtsQpl9eP0GdlPZrUbAk9dE0tS95hQbhn43AY9D3dZm09NKh3CFyjXUkH-7Ug8UOVtCzj8qYIgS-Ycp5mZYSPObybxIDW0QSpAZhbTe8ou0zDcZOMpu8XX7ROdgCa-l017XCET-6g3f0OKYvUq4VQ6qu0vH2bZElpDex5vDTI4tHoGYBz_YDkkPU0vr0Kp_8-Gk9CgdaZ6ww_OEoeTw3t4a_W_gcepr2h_Ulrix0vyuQnygD3pSV-mdLu5itJwDSwkUAsRTda0RO8IwF0aZLr1kZKBNJHx0-m-MfLmi5E6pxYxL3C38OhOfEvVhz7tdCH6Dyg0rO8-1ArNJxCxXGfJD2ybTDND0GyzTo7DTPcaFwovfMov5SOGyeaXEicn4xbNMmdeVfoft8RdWg4wz8F5ZJ7EWMwVxpyzMhxbop2zW3LY6v9gXo393jhklgCXy4sbn3UxeKmsXPtAYbZATu6GTHbCsL6Megv2NbD6vNYoTBRX4zhG-Z7zyN-4uSxxb6YK4xhMKdHnHimZczHyXwX-qvjSptaqZb47Yt0N_HUB20W0QbJorTgwHijkVt7y8KxsSPXEOYQgZacP0sSvAm-a_1GUVb4FlB_6dd1sAgvQoQ1PoCauY8niEzBEkrf6QSd5VmzzdysJgOVcgAtXr2KihDf2as2es4tpwUgB4N3Q-JK3QOXKTYvn215irHo-GB4AYMUjzRLt4sv41aVhTSG7n21YTgFMUKp2KXfd8WxCzPgNK3PmaYsmDQq9WgqxINteRJaQL_DT5ol9lDfve8c_zRayUvoyICHTCRstiYYOlyM0xqgKPmAUMtfb72YAU0NtvvzMhFoooO5sm7WABsYYUpvtTsbeI4tFieZE7sVaHSULqzyYVjnYz39AUpWInl_WHtRGLgs6c2xJJf32ZSO_1X0iVPuDLQ71hAlmL_BVxIz2X6RlUFplJ0qoAoOVAhjI5pFj5p4xPMi-9yWMRe96GNGe1ARmJSeEzDIs176Qx3ynXc7OzVFc7vxB8qSS6NfONPp_lfWPrPrkEFuBNhFTO5fJrhXVAW6Et4th9rG0pwkMMxHMF0iUTnDBEfJ_Bz4YkmRQQmna4nXyxBNBBFYOgMfhBoAc5QQ6-g0jmPNUo5tBP2pZqbf1Q9KMsaVEEJlOv5tGhKVa-M3FXiG7iCHFfnYCXGq_FY6mltul7jzeIypd4hBI0SWtNzYIq6ccNDqUpiz7uHG6SDwd0JgvwhahSW6IKHFpeYKnShZ-sxp8zTIfyfrRNGdoOCNmkxQw_xt-fQhzD84RlmwlR-P3u8bSDP7Bg9TQvkAuyFqSSRhYLIbsgZjS7xf5f7ZguIviCQdPWBAg_Og5xwY_fZS4czlNumw1lvU9qJnO4x-HthKeVB-ppl3tMeP1FsNNhJ8k0XYzd4DLoWz2xR3B-ITlcWDFghFHSz6P_hu2TeOZj1zt52AB8OGyVWkh7M1iRqqHDHpjbcusXM4SvEGgXAHt-BMtevmKWTxpLiOTTMDKQoXE_kPVEZNfU9VysJuA1rIqSJC_zvXdMapM08I6o2ja2JRZ87RihFmyR3OS2o6IKi-K8GOq9W-IjsUpZOQHKcUEJgMJeaHY8hdcPPPCqzbdnYA7uNEAG6UOaB3CcLMb5wp2nao9o2aIAEus54zlfL04dMNSj5a15kZV0QpbiSKyDv1IWrE-oIZyFGTUDXGdMD74AlwfNyjUR-rAE-ksp81iqxZFWl0QUBmRCM47fjMcvLW86cntoAqwWanJSYcUubuygR6bCH7ziqojnhAfrjYTh5VwETqDcgulXNH5Wejl9poxrAMRejx2tvt1cwraWhEV0mRKzWsVwThxlVNK2_OzEixufzHKLgs8qexREvjXsNyK9iQQ-pNMw7sWes1aKdGmZXzIUZMG2NzNI8MZBvQQfguoFwD2mj2znaNMVSfdEvI-cXW1ro5-ygiEytmj2X_Wus7rc0gF6okQviQZmutuuWhvM7BbaOZQjquDS3HjveFQj1MvRWkRZqyPQ_AjutNjCfSJBNJRkqUQ9REcRmi2RCpNF7JU97zS4rT4D_w-jbiRJyB8vvxTyc1wro9m7UPFyqFNYfaiWxYNTBuaVBis8oYDtLIgywVvKLgLJUiilvUV2KzkjdRGpV_d9ksLZc6-KKvU1uD7CGu5thpH7ahmJe6aXLZaCvb09zf_y1EJOKbbK2RCS1k6mib9-qArPONNonAGAyN3qEjApE&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=7374407698534579000&adk=531095043&idt=60&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a44b80afa6090ac98f6c8d70ac42f94a76777f13eccadab352abbe9bd3f72b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38121
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 5165 0
366 B 169ms
95ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:43 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 253A3AF8:EBF4_91EFC182:01BB_64932D6F_262BB4F:25BCF

GET
H2 200 / Show response
adv.office-partner.de/ Frame BC45 930 B
931 B 68ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 21 Jun 2023 17:03:43 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 28 Jun 2023 17:03:43 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame F6F4
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=14047100088712104444978012362014&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007

350 B
401 B

55ms
17ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:43 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame CEAF 2 KB
2 KB 160ms
66ms Script
text/html 3.11.176.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=14047100088712104444978012362014&nw=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.176.98 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-176-98.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 3f05b22972922c3ccd4dc1d4e637a837bf29f40ec9d428c727f6ca2b28e5c18e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
last-modified: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 21 Jun 2023 17:04:43 GMT

GET
H2

200

activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007 Show response
8019191.fls.doubleclick.net/ Frame AA90
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007?

391 B
327 B

61ms
60ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007?

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

decd63a0a791cb423f6e763edef7277f0858b3844412b9264682cb58a8321a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:43 GMT
expires: Wed, 21 Jun 2023 17:03:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 773C 7 KB
2 KB 34ms
12ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=57201e1c70&subid=&uid=c0400d1677787a1f&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCK8y1bC2TZO2FIZ6A7_UPm_-XoAOm5b2gab2YnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAooDYljaUbI-qAMBqgSYAk_QzL-5ZGdNcf2q2Mu-2CftQcbUfkQx-rUKksqqBXOyT3CXS51JONI2lnVa4Fmch2FHmeqkG0cBUU9nwWZqvd7Vu0hYc0fq_VSsFhB1fJmoJrT5_OdvoSOz1SFlq4rhebKC9oDZaGaCbq4K1SDhTXNI-4MqH2pFZZcVAORLfqkfm7yeyO1VRjgD7Ku04VLsgKQkVMgTlZ9u1GgMZxvJ1YXo0rdELCFK6hAdofA2olmLWzzSD6GjTE4pKJbilNrQN3NZp1MEIHLM0qW0Yw7IGxNy_QpHDwysH2GYDOhrwQ2JhrPXUy9-lPV4vYfwBFuzz9gv4vrFMXa8KNht64o9nBCaTOF94sCyhQcfmlpy8f0YeGvGtXwadurABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBygQiDLI7b8IcdlIPO7svN-c56WJEoL1dkldzlvZziKR7SRTY_f3yS3Li6-4MbO4tclIp3AG-p1oBNL1flogAug6iUBDuMcKMdnhgB%26sig%3DAOD64_2-dtJl7C8-ig7-HcOrXvyqApkCcw%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-A75K4vXUex7iamCqPzMJX1FMUrREW3ytTVGQH1RwEwfiCuTur6Blx2YUc1WutbyuzxoVbKwlbeAwEYFiPgJbextDhyAH2O75VeVHx5hnRJ97M2qGfdNghQ0EvazFYzcACdKqrUmgDO0mtPEHA8KsDSQDVxZYjAzV1UfA9t9AiBGFyDlL0%26cry%3D1%26dbm_d%3DAKAmf-ATbi0ZUkkr1GArhfdN2DCJIF6yiam9k3-JtbLCITbtcUOuC4jO3RlzbRCMEzXT1K5SQhCI2BlJGRY_bW-RlR85vl46MqLwZRjZTbflhzy9hmuHfNVuNnu6IFNqHkdq1MeqTOfp_v2aUs634uI5UKO14fF_hy-Q8oSSzD4Jrc8bbTGaVGKO1uY9jpEs5XoOGZyojgve_muBpvoPJbGIrTmAhuygohfZzJMHEAO-ZHD2jl8-JPd13JOumpvUfAGF0nRpFMsuC3zNqXuxZVwGBd7xQwZAUXqzjJH4A3WDr09PqJZeXtVe-XFvYEETbsUtejFRWXyaZjM0zeL3DN88JKcd0P_S4fEwZzBExPL-Gfh7-pG4hq6o_81H7QKFoksqGbJOZ9-JSoDhmM3CCebNjrYlfPKLhJ3TbBh847d-M3-pWZyNgKAAgSbzb14rb5ibA414_nsN7k3DO5poSYMBkAjKMT0Dnum1jDEGqLAribyAtvLbZtyirNar4mbmntAXPB-IS0avyuxQjMX-9Pl6n0O7Z-1XBwSKgcmj9_6Rrt3g0bFnI3mC5m5ZB9YeZIVISiK4_Ovy%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=3425197261540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: d9b92c1cb9ffb0e233e928d7cb3804c51b97f07096c2f6bf3ad7d4f5df6df1ea

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2031
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:43 GMT
Expires: Wed, 21 Jun 2023 18:03:43 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame CEAF
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
382 B

96ms
96ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3AF8:EBF4_91EFC182:01BB_64932D6F_262BB5D:25BCF
X-IPLB-Instance: 40027
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=14047100088712104444978012362014&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 815 B
1 KB 24ms
16ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C6283015888660968652381478453,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3e4f366e39287cbd001252e6d300229b7c3a12b1fd4c26bf7e290f5b3162d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 815
x-sticky-vk: 1687367023097030-561
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 30ms
16ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C8660968652381478453129366206%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a4b24f1ffd1ae8a2adcc35326436e4c656e8c6f6bcac7664fe203ba8442df558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1687367023110032-512
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 32ms
19ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C8660968652381478453711252620%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d409b82d13b5eb41064d86f329f78d9465da653e1d7dad24dbc9ff93c34e8828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1687367023121018-506
Expires: Wed, 21 Jun 2023 17:03:43 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
304 B 99ms
99ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Date: Wed, 21 Jun 2023 17:03:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8922 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7574746098446268149/ Frame 7D5D 27 KB
5 KB 25ms
8ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdb84f077187542fa4631ce8c3cc8f56702ae9e1c738848620b72f47104258e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5385
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 12:52:17 GMT
expires: Thu, 20 Jun 2024 12:52:17 GMT
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 864C 0
0 101ms
69ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzWgbVgHtSnn7AzD6P_1udOsFxrC3KfFtPhKhR3Yyeat87J5vKjnPXnTIyOrjwdoBv_b6kZzrZJBWk5bzXqtfaqLxOw34jUw_qH0oQpyzwJ9Lfhegia3A9p_T7ksMeDgWasTN_PIDt-KB-evT_VCK-mRCWbKXhSD01kKATTWhilgxxmioDNW-Lt8T0U7TCHmvvTuQ0eoBFyy-A2y7ovvQYXBumlfmNacdRyEDSbtCAjqshWBBI_wx5MN5mtOrGJ0wKBg9OOxJ5q1a2nyKPWl0ItI_PFhmBpoZWANOAWvIGyv5dXbRDBnY6fItItLKQnTW0pleqNhv5vK6bokWGTNKJlTol6Wtr98N4eMrVQLcAX-AVhucM7f5ACmbuFZBVp99zaXvXZqZpGOHKgUsr1RomWcYv9lab1TWxB02EIa2dLD5m-3vVZJeeTG-j1SN4zwbeRqB7a0yEjT_c7n8Xhh53nESZog96yMAJ6AmhT__7X4lScVYzImCTp-Bs7heHizXd_IJqMrew5R29r7Hz7CyTjCbrLsFpOx6LeSmbhXemXxSyr7CTzwfg8sx-7N556ODC2saxwLYi7M8x8BQDzX-y_Ki5BYYS6S_wK_QWMSwiYLbzfHhOJL4uy-iAa7agilUzmlNNYjS18MNsG71IVL5RTjiIqbpGhMNFb4EylrK-ilbQ3I7mifhpoPowk1bt6Mfr9WmE4uV9ywvulBBONA3HLIaGGwjiCtw57n_-cBw9ACgReBnsZZNwH6gi4ASZXZdWO9P1-6iHGdg_5UlXXa92AsKrI35CjMY3wbPt0CuGsM94GOHqLAD9ok_j53b_7Lq_UPl_tPJS4iLcXyWvD7oihSNlrWuagTuHkM2zh5OJBlgBOIO37JCi233n0oKMZQ_u7iQn-orLTDD2hEVMsBHpQ2169-qS3_5X0q21_dYJdyqANak91rod4P6mt9nZrsKK7IhoBcI8yrxSOGebOduoK_Mjqj4JteWnyWInVtuLUKlo9jgcoKI_WfmdjBOGkfUgBu0RNsK96BF7C4Mo6V0mT2DZ492vR6TRltTzEIsASaxQRvBqZ3AQCnQd5jm9F9traX06JtFJayuAVdAATgW-LqRVDVrAi0xaajzpzbdRT_cVP0YWAU0FQhjlpRWFPAQqDtUQUPEpY7964yFmVO2k_8cepDwvqGJt-iB2qWFuuJbWdg1xKGjyN_eGGnQRn3VbtNRCgdpVPpko7VrgE1As5iQ_B-9nPR1rcoHFuRGdhuO8_k0TzNGIoikf3GKt6Gto7hmeP9mVVFC5c_C9P1rGELUcAe2gXRIXL7e9nE6FlO7raJj3JMQW7UuwsUYNEjOL7I__6En-9EMJNU3-a5OQEVJiOXM1wt6zh0tggg&sai=AMfl-YTOadRpPAZKwRZ6LaOXbjS6OWrHKnJ1nr-f24UEuCrS5forYw-PM4sfzyhayndB179dKvaQLDvKCJgfYosLw7eweKKvqypodeENaCpZoir1jRM7JHWSRfcVgNUO6ahGqS8hySxPlBAJq14bYR1Ua4OTdRce3I8Abgb5bYvEJ2rXvBP2TGmOrKm07HWaSqlqRWqGuqSaYQZ2zcYzJQ2m2MZ7NNqkJJK0XXnLsDUvvtJjwi9dh8N0pxQ5qRaXVT2_sgvEZcmX85HbgRvc663_jSKYO5qrxFGSIKUxlX-h7uMpYLcWjO5aD4I&sig=Cg0ArKJSzKv1Ogpj1dmbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=472&cbvp=1&cstd=469&cisv=r20230615.70629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9E 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=220885799814&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9E 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=220885799814&version=m202301230201&ct=76&x=1&cor=6877162342574948000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6B9E 93 KB
37 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUZnP4xH0GuXKd8EAjtFXub1GlH-v1MWsUvcBhsm39i-1ek4DQ0zoomKtR3UQo3QmyTQy2_vO1_hqFnHPZrkQZZLI31oXCm3s8Na3jbSQzZm-cGGeh0EeB-No_2CMRSFeNTmR2V4lPdGWTJfpe4S2tDH8fmUAIeTGROROfAJzHlvUz8Do&dbm_d=AKAmf-BEuub1-K_tFoyyNO9TzVhjzwC4efxJh2z8BSbABAaIqzEnKchhjiYcKv_gpBut2dCpgoy0jgFOTE-9UNNC6kFrrun4KnAnV7ljJzZH6SSoeLDctWDmgTlDA4CN5sKhB1JEau69Qzj6HDhupYntthCU9r9_3HUzLlnH3HIcYXZUXMzi5xpluMKfSwkVxjCYeiT0sDXliQkLLTJP35XJEokHel-x7KCFy40F-DLloftksFy5X4n3RgHDhegYxCNOcgNhMO1Swbx7LiCynrWQr-ysOiv8LsxCn-YbD9luF5tfgi_DXIG3Q1IOprX-dCbhFHfIOAGarUlXRdmtjeqxrbLz63m775dFDpwRhZTFltZADEgDAV_bPqhmdFSeOqQSw1KJlATMMRvc3-2VoYHdTSyQyditKpr7qZjUGyVRuCwiDQnhgfd11JOdnVpgX322UEwJQpk4e5ECE9Rlm-N8RAYEyx7V30yWTrwUXzymor94d65kS84UHTR627rUonWVHZ9XtVnZ-k2EZdZRQZ3aacgGHgOB73jcLHmxbtkx1_IBM6w9eBuUphU4Rc_QCA-gVxmCPeTNwmb1hBoi_Wio_ET7EVBB3EI5c4cUsHyxLiIanioeOB3nyDYKRVzirPkuczswgHE-jD7osNhgLWLKwus-fBQ5ak4d4OxZSvy2G1IipZWCfrILxRfsyOI2lqUBcTGMzbdHkebpliDKhJAKavlyla6NzN_13p0t53hYh4aD6P0vequnTjyeTIsSLjKiWRX6iy9RcBhn-SILeLhwtt3HKJKuyVKb-Yu3V8aJEQ1Xy5yK1RK9IgPs6dA7VFBhh5WNSMSnAOPP4iHTcXkgIj-gwNhFKr7lOP5YGjrFkHB-bOPL6PS-_epRtV0Pvy34dLTCVU-vp9T3_gkRX7GElA1FVz9YLzO5Z8t4uhV7TvaHG7Kz_vfkx5ka08Z3Vo543whaK_vZHNlPoe6UtN3gEcRs2_iYQVB1te0YueNlfO2ST7orIq4TTKIqBv7ZFDKLpS8S8XkWPymC4aSMQ-pyCtIzU8axypOT-FZX4z4wmTlyLkjKDPYSlLneAnkdbl17RiqGEI_HmeQM1T2LaQiuZeFOxcieiB7GKUx0z3E0-tbzg2eu39d7hsHAuuGY_cKYaLb1NthfXVUhfDeKdGP9ifUVj6LTDHMn1_848FfS_fsU4rDOr-2Xzp2j9iSvhtoeDfH9wr0v0qD8wGA93qw-6GnjdMfKqAOq9pDqMDUkfN2hJtszyxvDm1aUlLAQPG5mG-3okdVJIxbKQcgG3EopgZsQswMDhQ2gN8UGGRYIDWjiLPYm6cdsEDmVhc-TQGVF2cy-Ch5QvQ8w_TS8MGPURJiSmFaous79xYtAtE-n6bEJIvD474x8HxlbAkL1u9WdPURREcgVx_cliBavDfmxN1T3xFzyZYXqEKqyg9TBrp1sGOjSninSLMpDFtoTXDQ6FeqZZwTmWC2KxbsVgePQ57K7DbDXHmlWr1NgH9ywlurzyIaANnGda4VHt7DNMBmMsGdn8IFIYZZ02JXj7Js_KauvgK-WQKvs6XWVKBN1vUJxezy4OyK8opsMgA2PstUjXgV6BADE21prssO83B7WzxkffM1hBYKHtvavsz547kk8kbxDMoXmfeqgwUmaJhsbEZXt3plKAsPI4NtGcoxW1GNRP2GfBNntyNgk86wvbDpjL-EXtp1654kD9LtrNXEkruMuRc2M7AyQ2_qoCBZk7uxtsGIarfEZtmbhuF_BNvbmkHHPPbC3q1PQrCfsMKJ7ksCC40qXrnRbcvd65VAGiT-3Cmx2JLoaB1OWnJ4-xsaSgkSVB-MyMQo9yz4nfAtaSCa3VflvRb4JNaY55eRzPi3Zw4IjruAZSZNa7DOL9osd0_GqPO9WK1sMixiBTaNaWp_FCRAQFVVgNvwIpUIloRQjNffUaX7iZ1u1lwA9u5OR9mxCTjE7sS-Z65cnFinVwUacOuumSD8IVPSHiXfAkjKSDQkLHnDzYUUZehwXvL2NmBA86UIwOJwFPv_Wx7h9uRD5gnz8msG4IXurWeHrC10iIkM2LvifmvFwlnC7Vb8bY8njsYTNM1G0QHhjBe7B8EnhaknOuaDvWhF0V68zVIYHv1HvpNP2SXVF07SVY85ZbbQvNgCQbIUF3RBlicH_LCybmKMtih7JUmwNlBhjm1grCdCRnwd0QPUdNgW3N4hxPdvvc5Q_ibh-IQP1X2oQf-9TPiE-sDkPvBkazM73n3r7RhzErVbO_Z-9qk--VOwFlsY-y_6TrsS571M1atZEEoxT9-RIK2xLNEkENuYARwOTEaWEjlgHl9N6RyOJyoHGRuRqSlmFv20x5Z--AGIYj_JQ5IFZeto9cLYwWe04IqySFtaieyMbzJXOrsFys4FDwQaFk1kjOkXEXJ8sTgCN9REGHHr_OT-tnZm4anBE_qdOOi6H0HFt9uYWWMIyhVnmyrCvShQZQv1qyCRDFV5ISTCxOoy9yTY5nU9p31gHAMGykcOtHut1O91DCzdsJT0Kx_NuQ9XT4QZ18sr_rRb0xViHScmYk_peoaLx5ENUkQlERvAinYx_ggtEnLOIyWWIKse4VbcIlkNgEDZyjiztibzBaxHpHPhVIpN93J2p57JLjYG20AQewcv9JaUeI9jlg_X-EnwSG838tlSxU1w3Y-icZdGVyrRuR3kafu0t7HVNvh5XVdg8MblveZcpd7k6j857OBfX3KK4HvDxUBXEhM8shK7HvzCM1II5ukkgOJ-PBg65BmLPyCQ-wbVvct6_RekWye8LVAv5Bvdu2BiWwF3YTKKcNLaVuvdxF44oKmVaWPemqnsEkkAy1xQXvwRXiyUko7UeYkzhFO8Idbfo72Xwo-vE2BcJB4tykn2Ty2os9Yrt3gYs4miTzBhknxxO6TELrR4Y1c2mS-9-CDlEZpRDBwl_rshFq6vLfumtg6S-fOFAO0g3lPUHlo0YWQv60vFzfWm8nM96f3F9U8vDe7ldEWtHzM2DW4mxDGtsQG2JrCQxkmZWkIpTVFiGNK5LmUjUyDa1UrWfMsnpKfOmXZqeGD8VKo2gPy2dMNhWAUVr72Tpv8AYG1BOmbK0xdxhW4Gd21OkKlNf3IiJY3U5OtmiwjghsXrosr_U9VO_OVvoNu9kBLPdEkSpzWzms7osFcHzaZnRdreyFbTa00Z4LorzUyr7bo9G-qs5CMCGPle362b7SeO1jyKPF977olchi-1izXF7NxGwdRKpgx5iuLjT1NU06K1nwdrnN99Hq3mtey8ZIbL-OCD3X7dkfIZgH3Og0byzQeXWU0E-VF_-dzzWeHNEcJQPUSTKeaSoxBA5i9T_9N3mxum1rSAD9jHX4ImFQP6QZeTMLvjW46gItXYgMAebKxokYbDRRNbUQWSQ3bFrd2eM7-t17naWOqc3iw-f2gXuoGTkBK5tk2FtOJHgD43uhrvFKwjSZTskbSrz39joj7XzGVkzcRdt5QehpOjWXv7fpVSqWy4cG1RZRyLRfmT_vwgyMByvcDrzEKnea_4rexa_7_01CXLHKM4uHAz1BqKVfJCto-y6LeAfeN0jAtHlncrlE_aVItbnomF3hlH8EfSOPkH54HhMHAFHG8IGzSTupObdYk81GqEmGtcSwWlEvkP731ZLsOgbf7czihgznibgZqseqs_Cl9k13M-PI7Mvhe-kI78xKYSBRXr7NWn80hRdteunEEgq3EVo10qBk8_eCbakgMX60KSN8NAs_mvRhcZXXfNd3B7wDDImmnSBqHVp3buR0G3Ih66WslkCL28rjT__B1N1mpyMdKFMZmmIIluh-YCbGwn6Z2677nJ3Rh7ez19OiF1egKAQdABxpubqUEqWJsjoKBDg5uHGZVI&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=6877162342574948000&adk=2975593758&idt=140&cac=0&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3fe567af6ef23cadaf5d33e9bcb1ccf73dc194f3f1bad537dca5f26a303959c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37925
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4B6 0
20 B 52ms
51ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9686073701928&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4B6 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9686073701928&version=m202301230201&ct=76&x=1&cor=636309029302438300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C4B6 93 KB
37 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3wpvkDLePHZ_Dwe0TFcYQ81C_knVBc7FTm2TiOJbPYidEnuuSbFQup040CSsukb0FzZw6bYUHcz9lykhuU57WfJKQ5Yv-Tqc_kNmetQR3flm3T-doDfecLOg3f3wZTWo5dS6gV87zCRfDZ3PH0Fz2hjyV-W7rQA_s8zsRZIUUerHIHqk&dbm_d=AKAmf-ANc0Hh82JaeIWqr80Iz0FN06fZPxUxX4IiaMJ3fDgvBo2A5mFTbsULTg4qsanZzvZNZh5ohmSrExzsTP9M087W3CBf1Rb2LxGYTcHH_-VqG0gnRXwiQfUvOmEpkd1jjIUK2NV-qb1qmTzwgwM7Ir58KNVBVszmtNV-k2u1WoXtVji63dRJdrvC9J9aQnOVeUlUl_zksQACSdZKsqGWi-5oEXFj1Anu2mHnxCVX1uEvlIvEicAYFL-Y137I3rrOLSlGca1_y8_l0yHnN-f_ES8OFi55qPKd17kstrsWkUe3eynYxPbQNMjzwMtnLvCCKQL2-yCWrixtvoq8vhw5jDzJpx_rP5W1FTEbtDMZjEfoquWHUYjhcx3SOH2rsAWRmeeqy2p5c5xWfLOO0YORBWrjLW6MdSC-lKzTLTvN__fZpxGue668pHNsQwEQScNT1Q3o-iQVdNrFugSj7znrCwlYIT0owqbNO1FsMf3i8INAMo3_HYExTMw427UGPoa54OGDGbLuhrBGXcFgwTquU3_YDq5DjCJDPFaN4UfKzF6B-SZ6t8BOFXRF6nG3O9A1IX4aBiZu-eW_FyKO7zdYM4gkfEf_owfpvnsxOmA9SpP3MdZXh18ny0kO61918isbJY5P4NDYp9sDLcqbtfep4TdV87RNDHkxOlpRvG3kq-BhQYjm5zbq-FZCYMDb3qyxRRDg2HqReBLok1XoBfHdIPz9abC2XPSfZCN97gPnyslo0KDGMUbEnJnnm4QW4C0rWoMH1BZRSGogQXGz1ohSxYOy_fmVsfPeIDip58HZMXPPKpSSKcYCG5QS9Vc6daCEGy-x2z7hc2gqchiWgAfks_HuyLXHkProisg7Zci_jfeFptQcQYRelKW4cMuJM8rL4F1XMWNzqD-q8vAswrz-4rRe1Jb6g1SqHB4-hppPTMr7ydRHF_tLzAfK1aqjXPVbMh-ewB5OL-mC3tdt3j6jbwFIxmQRQC7Y040-NXd7AB2K3sEc3m9i_WF_jxuLNsaRYfVRYwwAQ-NLi28bqJfK6Tj_NLgR4hguaVl9eRWajYwSIstg-wWwSkDslaIHRg1fdUl4GqGjGH447J7VS_kgnKoNi2cWQO78AkANaEfrIiP5yx_y7C32zS0nlM-MC9f2-fnxQnByK6YqyKoR7imv2vBVXlOZqIk9niinpapCZja7TXuC_NFQQrea_--nGdEQtnvOTj6rKAKHcMpkEwa9EcO8569Yz7xHQKUcP6J07c4o6OCsSF1pXqL1O6ni36r-H90FYINzusKXWGBpCkCMOtUbRty7f80QpRvlV5beB-JgTKo4HRWtomGyrXxMvG9MVVAS6RByMIZLAkt3ZjJfuKLvWY2AW0BsU5TzC80m2wz4iDuhaIgW8YqkM-o0xQjtRKbeYFgoky68Im1CdNAST2kuCqMCo9AuAsVYmhM81lR9wWFzpMqJUomLFluUl8hiOKjdpjlNcg4j8uDqEVoQWGe97lXwSFm_IhcJNmfhX4lwG4lym-iwQhX8cvpi_VBE59wx3DMMkAbevsjqHQEjgJbjr-8igdmAg-Jk0x91YM_rW7LQq66geDg4ep00LToLSOy6gT_QkoRk-ifnFUOqCedckSsn2cUeW0AhrW2V3dbZTfQuTywmu82-D2u1VCnY4CH7J42BjGwFy7mS-DtL_GKUwNl7Vh_CT9eB2KGGTqAnla9IAXZl4_32boKb7A-O8uskvRGssK0XNXWnoCH4avewyTv_0gQUjcvGvCsZWWBjzoZL3YRpDMn1yjknejyzFzFGlcccWqq6AaimnNndd0B1ZgvBCayXNZype19KgcD_d-VN53gys1HXzjvANrMS-EI1cvyhsMHJIzGpPxK7ZjE35AnolE2XtD-hjuUh1Kc49Cs4pMTVLv-pUbxJUIaXA4B-IgbbTLILiahHUPZRKDR_IVsr_QrHO0UvtneDnjR0VBl134h-Ge2b32BgsPx6nt5Cu3ehu0eOEhosgkAm8LsE7lmPX5ToMpI24-b_DCphI7I4MMqIqMljtRyos9AZ67uThvCU8kfcfPLl9QKoP0mntuFHSO4gYP92bq8kj7y_S-h5VvdrfXhogtPHkn23DwFUac4XzVWBS8ZWDTEaI3OBNKnFu2ySBwWtMGJVnWOkdtsj7lCDtWNil9aI6PecOdYhcnj4S9aKPtvVEYZpmQUt9upP3sQQD5atqRgcawZf1i8z_M7n9glg_qwYb9wJ8EPouHH4_bOriigjibtYExXBOP4vwTz_EZcfiqIIpQa0f1zxnFsweoxBzrXZBjd1W9QKdFkQZCnOoG9uLpKgJJ8rNt8bEvzxiAcGqnPDT4kNSrCsPFUyXIsoGUwOc0AoAe0bgOCEH_H42_0QEWYptX1LawLNSz_FYKshfCJBM27f2Phc-R1DlHLjOLGYchRqDnWDaK8eX6gX2uNOp9sFPNGNWJvNICkzY_zkywNqguzO_eCbR1JwR5KI7XicWMCbDnjTOJKO6_0B0a1Ns8ELsOdX4Jr2hDeC78DgrfwJl_nnbK8QMLDeA2zVf0g5P7AGi2dAL75EpcfmLfNP-GwUxExdKLZe-sgcyjX6Ku2ZBfNEkgJtEKHgY_-6cynSfU1tX1JSeuxO_YBDdeGTffU6XJwGxQRv2b9atkMYaGX5mXGAP4eyGvHuT733Ic_vYHSoY9DVocW5D0MCLCrhI3d8JtAcbWeRMz0BEZDoYyQGPzCx9FiGihQBf5xnSLhQa4bCnXpt3sczbYLXp8AgvPQH6n2IB85tR1JoEgZ4JABkKfR4pWdBtOwwrdw9Tnx6DpA_iidSRtaiTzQ_7WRTz9DuqJ-3FjQV23TKBn5PzcDADyRlJYLKGrqtSnAzUFjgJe5vrUnBxVaMRDxdX94hsnsZ8dswx3xSTxQxyxnPWUcaiXOxzSyV22-xUQVL_bFNIy3YCsBGSQmtgX3-0REHV9WqeYn4tXFeNrqZHYvuODXEbkj4rV0OiMIjrtXUBH9PGcB4SIaU1wlul-zvxgCVz6vVNAUX7mdbMr5gyA4wzOlzmhgwj8Xke1ppI9ErqKvikQOdNZUSu_WucctgXOwvIKy9eQOBmwiADpcY1gPtBQ_cvyxURG5X-ekOQtu8K9MlgzdLCCQdIAnAYIra5GIx4T49JPjRQhzCA2JA5E4eEIzKk5G7AL0aRYJEoHUrMCtpEVv_qyrzHFS6PLXP92pVo4SIiO7EHEZav4Ibpf_4VDaz7Qk-C5HOIQfMt-8kF-0d94-Wc3g6NRciP-PLvNhuqemFr8MCZ2tCbQiqcVbeFBrsXx_UUuwgiScn8VYWLVWdRDnV5OAcvWU-XVnUrgKlUZKOv7hh0W18-wzxX19krC_Qtcy8BwCIvjoCB2fW1EDjKlEGwJxAVjjZ0_b46pPAE4NuKTTt6vp5AGCWMAeAR5G8-W54x6eqxJ65R_o-0Boieg9KVcNZeUCpb5BMNQBv5BV01zIgxVy2DR8teIQHOWrrBlaDNjje_0IfM03ujwqUfCX-ljp2gpC7uD4cI_rgy_P3Rwchsm1lAERMIg6MrGuJs6tkZUBkIpA4VullFKnPhA-a1w94cvCan3aw4YP4RKIc3IwFichnXnHpyAb86nSy827_XFusTLpfocFwJp04SSv9eHX9BwngDAMLN26Z0AQf8-2r7xr76WnwRaHXkcBtmrOisgB1S8kyOCEQla2QpumDMLYW_PNYFIDX0nDlZDfGNO10OYgQc-7jsVCuNtLBpgJ3vvNXEoPzkIj-CEkjvVlqH4BIiqQsVy4YmKpCL3p2ongnPgnEZ-IbORV3Z3bw8TVMD8pFPp80vnj9hkSSf_Rulp035TJHP-erW2OXEbKCaiC6pAwAr74ZPuZCq7xcPa8qBpI_Mug&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=636309029302438300&adk=72288713&idt=135&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb00ac5c9563c3c1ff9543ccb12c8115843773b068f221a593965ff463a8760c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38021
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
app.retargetly.com/ Frame B6F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=YTNkMjIyOTQtODE0Yy00OGJkLWE4YjAtYjQ3YTQ4Nzk1MmRi&google_cm
https://app.retargetly.com/sync?pid=11&google_gid=CAESEKtDhWqFufPC6edVg8cxl18&google_cver=1

68 B
402 B

136ms
120ms

Image
image/png

2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?pid=11&google_gid=CAESEKtDhWqFufPC6edVg8cxl18&google_cver=1
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 7dadd398088f9a00-FRA
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://app.retargetly.com/sync?pid=11&google_gid=CAESEKtDhWqFufPC6edVg8cxl18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m
cm.mgid.com/ Frame B6F1 43 B
432 B 75ms
29ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7dadd3976db5b78b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ Frame B6F1 643 B
1 KB 18ms
17ms Script
text/javascript 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 1031 59fd23a master zrh zrh-pixel-x10 config_version:"1524" /
Resource Hash: 59b18cedd72766a0c2ab958a6683365999cd94563b2c1ed9387463b21a3edbbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x10 config_version:"1524"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 643
Expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame B6F1
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005

95 B
437 B

25ms
24ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005

Requested by

Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 21 Jun 2023 17:03:43 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3012&partner_device_id=a3d22294-814c-48bd-a8b0-b47a487952db&_rand=1687367023005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 28347
tags.bluekai.com/site/ Frame B6F1 62 B
218 B 277ms
194ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/28347?limit=0&id=a3d22294-814c-48bd-a8b0-b47a487952db&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 21 Jun 2023 17:03:43 GMT
content-length: 62
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B6F1 70 B
264 B 35ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/retargetly/ Frame B6F1 0
187 B 65ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:42 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

sync
app.retargetly.com/ Frame B6F1
Redirect Chain

https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
https://app.retargetly.com/sync?sid=5589260742170955798&pid=2

68 B
408 B

115ms
114ms

Image
image/png

2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?sid=5589260742170955798&pid=2
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 7dadd39939cc9a00-FRA
expires: 0

Redirect headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3a7ab7e9-18cb-4f3b-9afd-c8e18b2c0461
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://app.retargetly.com/sync?sid=5589260742170955798&pid=2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
app.retargetly.com/ Frame B6F1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID&rdf=1
https://app.retargetly.com/sync?pid=14&sid=CA57F6AE-0E19-4326-BAA9-8F1794321670

68 B
434 B

113ms
113ms

Image
image/png

2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?pid=14&sid=CA57F6AE-0E19-4326-BAA9-8F1794321670
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 7dadd39afc079a00-FRA
expires: 0

Redirect headers

location: https://app.retargetly.com/sync?pid=14&sid=CA57F6AE-0E19-4326-BAA9-8F1794321670
date: Wed, 21 Jun 2023 17:03:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 400 tpid=a3d22294-814c-48bd-a8b0-b47a487952db
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame B6F1 0
0 105ms
31ms Image
text/html 54.155.101.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=a3d22294-814c-48bd-a8b0-b47a487952db
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.101.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-101-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 sync
sync.teads.tv/rt/ Frame B6F1 2 B
153 B 58ms
57ms Image
text/plain 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/rt/sync?vid=a3d22294-814c-48bd-a8b0-b47a487952db&gdpr=0&us_privacy=%221-N-%22
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 17:03:43 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2

200

sync
app.retargetly.com/ Frame B6F1
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1
https://app.retargetly.com/sync?sid=7047329588402905016

68 B
223 B

500ms
500ms

Image
image/png

2606:4700:10::ac43:8f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.retargetly.com/sync?sid=7047329588402905016
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Server: 2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
access-control-allow-origin: *
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control: no-cache
cf-ray: 7dadd39b0c139a00-FRA
expires: 0

Redirect headers

location: https://app.retargetly.com/sync?sid=7047329588402905016
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 current
retargetly-match.dotomi.com/match/bounce/ Frame B6F1 0
104 B 112ms
30ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=a3d22294-814c-48bd-a8b0-b47a487952db
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F72 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CN_Yd5jGICvyv5zrafSgC0PFF3RnEqgRX4jeTddr-6uJpoEobsexZQ-bi-0BjdUeWLS9wA7zuyfwd3kfVJzHwedMb3bOz7HZJbDXEW3JeCCVCAmkc7gx5LjGj-2XfgYCtjB6AAJ81hTwjPp7TjRCUsdHeYLvJYvHIDEY5MEDqoYN0yY0w&cry=1&dbm_d=AKAmf-B06oq3KFpK26956DxDs58MadmDjxHO9tdlLUv1C11o6eF8gg_kvjGxuZtbqb5CuLjnsckqkirq7N4iwuIkg9YzeFlNb4MHzHjRVn3kZegQVewfsUlkZJzUlBf_H39rkEa3YVz7Zm7KOUtBXqbs6G4mJo4YKYbGdj3TpQQidyOvjs_GB1jhBL_--s0yqLO5lOGVVfaSQbxLymzPepJy9tN5SuuO48s9qS_PsjL4i2AWZzxRAeRCmUzbntDVSicYXpE1vMyFhswXMjAxk3IPfSHKVz-cyoAely5uQgJ6fOrecVFdMiy_3uTHppAHAUbMc6XOHm2aN0PmHkaZFUAyDQ7GgG4UmPyJX2VZ0bDK72cjPg1PWrf8W-LsLKdraDJXfdB7Iq0jB6_crK3_1AZ8bAU7fMsbGAT82qKgV5Zip8kjKoiu6jCqBmPvaFNsUFWPQi94lY8_58MpyvaG45egIZvsReb52c7B3IJsbriPP3tKD9j1-cBvh6mX2t1OS7pzhOVrxXDyL2EyJAcz9vHyuz9ddZX3RGMq2E7e02DoBBwebTsRTp61dHdCM5wmfTppNjjff_sDOJDS1qd1uTHgS9wyPe60RB6sukHUklGh4BbXKV35-Ta1DnzjGV6cGW9qLbnzJORA8xxBy4A3cmvHezPNHEJwSr746S1PC177WIQZXs46IxfVWC15-uzlj8riSimaWqJDD8r353Y6MdtqcAdriMG-CU89wuqGonVZ7i6MEwr_ufFzGTM7i3fp_8ZcRWidmq9b4jSP7YcpiHfKuDqzqbiskXzeW2lXe8E1DNwdCp8WPnLh80LNMSbga2XV3_kKkplMfN1CPrBb6zAjJBqjdeCjkTPzEE61Mbov94WF5b0Zds0CtinJ5-Yiqp3Y0mi6Jz7n7UrVoZl2YtEiq2kPi6wAUn-GJTQAjmHI6LGL0Rsa7rozsps4M6IjPP2GvD6teXQXwu3IEHqxA4MDM4xaCJGij2nj4OX6nARVYo5CQHuQfP6IVYn8hE-AIaj0OD5cAz0C5NaCUoGzCAF8O8gGPEstU7qIVTe3plvSf6CjywQYQ6t8mOVjzdbfhKPPAr3gRYOp-ocsyC8JFd26CRHzPGTqdrvQfHSAr8K2aSEOVZjsk-VtJt3tjBCm9jqUE-3-H_hHOwncm6dJdA6Hr5o1lV0q0Z0dgd8R-aIo0Lo_FzV2i6l7kUP9dPdDBgZEgzNSk_3mIGjXI69E1v992ndcAtWfDVURydMpPRY9sjkxZkXQHMnqYXSMZ8dncYlCbX5r1Y6O2dWnp6Mx14nOaJ9d-25cCSVZeqIl4XhxgYYi8e8NCI7uB_r8QoCJ3c5YBdO0p3FKlVH4rfpkZNVWsMQaaMsSoSqWVye1uWP_gk44Gfs3vgwHrLkQFEIb-MqNocdgfduyOElR9oGLufB-u3cF3BxFK3-FNFsQpUSAzP8yFxPKHXocPDxagKGXiuKWhRaLOTE9BfhYodhrXSvvxMZOcdFnukCU7NQzVTVgF49WWR333uh8orcRwRb4Zaiq9lFBIksqsT_S2orQI8yO5T8h_u1W-AkwC7XsIdZTKNe6WKe-DnXD8MYxWfwEtLvv7eyShwsRPjVr-lVoJcJ2HwnmzGCvP0qcyeAB3Y_9XB4gaPJc-29_kdfGATKtUAFsNkyyZp9p8anL7dBLMyc_lBJ4f1cgYr8luioH39pgdDbHWwQDCoYmjwTEi2cso_mYUwvv9gsVC6h9GvuLM4J-xKe7Z4DPGo36rH-zO32t3_jWSB5upni5-Q_yFfKqtMk67hX2Dv2mfyzR2djAPU_SHJsP5-oted6suDBG1ywoN7mPrBsGoPGHYWMQAcRZ-6wHRi_DXAB3xh6D-FmANW9as_u768mNDlZYksypxzV2aM__ZmzD6n82PQRuIAlVt-fEo6qAozzizb3T3Ncr4mk0AQMLacp_fw6BeLp2RlMdRPZDJwYo6NcT6-V2BJa-5UjpKrLiJYAIE8aCwyxNeqhE3uCbdPdbzeUWtWAHDHB9Eqh81AvydvX_dO-6NkHreKSSH_hH_5ezyokw5uLZ_nH6o4NayXFBLSWS2PSyZqG9YMcDv2XaJPlnUmWtFb-0hyVjSP8OUU5DHs2BkufySiAO5K-vnuyG0_JuwSBUVJRNO1MWTKXo8s8j4T5utnfzVHFNOuAugf5VsvQWP-7pG5Wao0pxaZiE8NfJlC-PwzTQI3-vjphkC8QjxS9yb7zX7oylaUeoKCzoIWltxDOZN7lKBWvHe6M5FODofl3kz3WLLVG4e9cjhXc1ksqHTraTdjYsIDbsVv4CwIN_uep4mEBeFq7BB6NDTe0iCNp_iDzcDXTKPuKGjE-Qf7G1eIHsxrFLFi9IlNSqTn5ujQPtzwx5ofg3yVq30d8TmHFwPDoy3HpDO6y3raghfJWNqn_mxePYtVqVC2hnhSp0VzQvCr-_lsa9ACGp-z82rPXcYpoRelSxlrU_NXLSx4nKKGpOkdjUszM1RBk09WhcgnaS1sI6TKH7Gt3hcNGfRgOa71ngYNPn9TXdUX-tr_fBoSF2XMHzUBpEYsXDQ7O7URcseMznqtebnv4K3C1KkskPxUcPkAztmYm-ZtIc8TOPOEr1ICsOKg_MfSxYcC1h2zdl1cNIs3DZMwmnjZjW6kEdQDd7fOEwhe3-ur7vCdx4h1g1VquBFHPRS9NWZsa0vVg5yr8AVoKiKSB9GGEIaUBoEvGcT_jLVe5uai7cGX4ZM0vply6q3wuRkIXvCnvABP1M13TYt4LUgQZ055NwbUXrEJjPFP9CSWPsWABzMhRPFLk5oo-TzPodAamScve7G8JQUYcYhM-hKJD0JVwfz5rsotlj_bI9GbU4jsmRt6QB1CdKw8ouM3MgeldyDXRNuwGftFW3yMonKPY48ZQxQxQpQSLRG_c1E_3vNvRgcVpGKH1pUMYUUm5Nme2CPegyr_z61NH-d_kBge6fExBlQKxUD_bjWVZA50UtODwXLNnI7RhZUezAbEkRRO1pCEkp3eWm7WULaEI_e81a964YsID7KpZPv2E9OAV4zC3Vfxslqp-9U9d99BaSw1CDgaK35uN1oGvNRXXwa-orgfCjX1O17vB3CB-4iwvIDtulEtSnvRXpCaRAGXbQ3e2eiChU4oFYCK_rIze7DVztS3ldXh9Bzf0iKAFJupwIy6fqgosPH-1L1iizEWR8KIOi13WvkrTbcW0QznvFzERvOO7O29dGLVEJsn6Cw9q0VhPkxFPMcczkEs-_uB0Cp0ArQQo5Fsp4AgBQIhTf3hnOp8hgvsC6e2fUUMtp2UAhmGkrrixwm1aVGC7WR_8LasbIZjVqTWF8IAMs0TEi_3OtCcu7dWwd72wFaDVSJ69egQ0gvAv55HGVmB3sCiB3nKcxAAqYYp-nthXHrgaqkXGORjNtZWe5e11svSfmczubvzQjg4WHkGSXJ6Lk5bIlKcUDWcMabheFngh2C5VxzFpbjQdAc-NeL-7K3hdvoNqhWum5VU-pI56gF6Ta5nP3UVET97N4kKZDUX0kGDcVl-dss8oxWNboAHy6KqOWBvsb3OcJcVw0e9zsCjdjZLcFVUTW2mR-04a0hqugb_yFCXSujHgFzfsBKu3EJKgzlbhn4fMpLVV7yGJmsXnnY9TDzJ5L5J0qWAC-V1H5HqLBRvC8s7dqzcqR_RE_AbZF8-KGr0yooU5Z647JocUFlULmd3Wb_WgI8uq70IfW2-eBVbqhEypN-m9uyATtKygYBrk9o0PEnZtQ5jaWBxT8_9Zkcfq4npn9Fa3mNu8qNfuBdzy_Eg&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=11001661722504872000&adk=3661671305&idt=90&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame CEAF 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad05b126fe41d7078c3eeb15d27d6fb59ede2b60d852691a38a87852337fe00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C65C 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKG1DAN5fi52lVKVpAKOMapcL8rNIrAF5yA7PzPxepQMb0nnqUImk4nWYa9n8XMVKw2Hnnrv0GbPwTr32cOPw1pQCcUnotwTAXL7X8Yk9XxPDEPlW0pREK6g8Z3B2U5Dz7dsiD6KrBl1w0HIy91ln1qG1r9pQBRP0Ghlr5hjk5b_k9Dkw&cry=1&dbm_d=AKAmf-BEcWYhWz5g4FCQlyu9wQFpoM891Lt8-Zhkj--q66mmkFrJ2FcDs_2XFyR_K9EntIC3mY5E57Kf45Y_61ae5IRvg7VVvUjIDn7FKCgZoB0HNxC_hlpUNNmL7hmjnmr_XO-uaUjYCrCuY0cSoVkyVsvHxCRM8D-2uu7tZiC_NTNiwbZGXjQMxRL4_Pt-TWMlt3Md9j9gNj-4pIrCFTre1PJZOM2f2sIRvKoboMl7VXZIFRNt-UtmbTNpKkfjayBrYX66D1Tot_qYQWQRFpNOA_7oJF9rieew-DgUI9wKsmr-I4TuxY4N2x6z5c1wB4RrfpGPPjK1T9hHIZypSRMd_PHiF-PVXgfteS34ircHIwKpAFSZJav48r9sVSzrd73gejteBf9A1tb-CrRQruyTELjBodxMe4DtkvK84_2TQzvko5KpZ3_B_rx4DD6gJeCD0YSeqfdchkTF_wO2C-Vo2cgGvx1IfMvL7cg5run9iY2K2-c0LqXyLzSrvF-IehdYHwP1j8Ofcn9JwGmhhC9hhWUIbE_b6GqnQyXpj6fLB-BlBGFHFHMgD9q85eI8fN_vKw30YwWC5KYcjpFMA6ZZbLHSdOByt7sMS0FzqwBQVKETWD3XKyKoUIGeShKdw1ybPZRGwuI7ZYkvKnCF_iPOLt8TZbKGKe55otftGN0xOptjMgfOYb60CSZhpgURA1pQa2dTZQchwf4LY0168LD3c38Vj5oLU9hdlk8_R2jW6ITKC7UIe7GWY1q0lrjtQ3hAdgkuAhwoFrppJkVkcvVqOLu96TSqZyNFgUlj1R6Sv-HFvMALzw_lCCtSMlyhNjIS1HBBTyUh4PY3vTbupjDJTcokAy_klK7uiH9uR32tfL2WEDHpfMcrM5q8Zwk3QKsGqFiPHEdroursN8Et_-CF33uP_0cXepmnN57_2M119jUOEml5CDQ9UCYhQSmKRjauh7jAP_WU1BTI_F4fG092YU2gjSzuwSgABegN-8v6xGj6_H77GlG4P8l1szR-A6JVj3aumSUklbf40Tyas6AyufdW5gFcJk-r_bkn_9O5AsT-9QDbcm78hEg6cz-KBqtOHze6uAfg-nRkXSHnuufUwQbvy8DwAzv-3G-5-0zeU9tB6wvysbwBTDJCICae2TT1KsRZEktcpGcBDFVxCoeCeXUBg5VwCYMfpVqV5eg58gZJBxeV5zGfXokN03Z4me1jGbbr_43RltIZvfZ6c_hK6pAdbIo6MdNK0PiKKRXqeUBEdbS3zHCNToLWmLQZ9CU_EcphybTCRs64-Pb5gTBwrFUhb1_7_7ZTQN3hw7dmjsFxJlztqJNOqIVuNvEZJPZ4RydSDR_NQKyJ4c25Gnwd1qKS3ww6mYK1U5X4skap4RWr1QvQcFuZHFmcuGvgf-pA5PEkoMghmL-M2f4GyHtqFAcsF-SOqJteFxbB5hKDTgEumF8QPs5T1cKaOhhN6nD4WA-B_n3qMFq5FNgsWTtcANmKhKiAmqVGgn5kVS0Cvpkpr8n7Xpx7pq7MCpPjcz0Ua1V3Mk4PuSobVKe5iOvUCgF7Edm9I-iGL9I7v5uFRMMWSECD4n4Q2L0qJZlk4Up-sS0c7at_3K5ysc2Bf1CcAlYi3-HpO-9MqcajngGHNSG0rgHDDTnWAJ9PIT5586Z98WBXYLf8iM8h3B4o9g9hNzD-7gQnF3ugJgJISxUZrJWX1vpzO3UzTY3-xNvOyOgVDZMa2Pwu3Q5sX9hZ_OlYoMzs0FD78XImKesSfjRDdaAfduNoylxqvLwMpEGBRC5_kGF2CG_0OpZoy05A9VPVoPRTD8thXV7qfvl4AegpyrrDnVHr19_cJbSsfrh9OEiFO5sXg-9ZjqA0OOpKwNOEgsuuYU-zGwS0W44RWMAPofUig6cupegjsucjVnP8rA7ntER2ckhHbiedJFlmKQCvyZkrPyzly3Fgk8ZEyIXEKbrmrMDiZjdLVurjFn4n28GVDtFmy4RDoo_6SePAaE2FlbFuU43NQHW9DxlG5pKbFlEwau6y93UgZmeZgu7iwA2TDXouiRSlCL_5YPQxExMe3SDTcWKh5iwfohuvOORd9KCj-F5Qc5ZfSyI1b0gu7Kxaj7n-Pw1wCTHJ0-eQJKXlfOEIwOtahsyRO2YGuOHls9ZfvyK7Ttm8dDg2amr0GhZ50VIqhSP3YqVz-WxEjxPyRmcmmQWMuJFfaV41WpBAZNZKTQLTDBvnAiMu7cHjcYGW2FHTF7aarUP92TFa8XICQNZWaUkfl7mmoVyuYCV0NM2GXNrJ5enWfP6rexNGdNaLZKvFsl6e8s2JOcrdyT04D3RDaLZL380o3tIF2s52fOCoqD5rSFN59p4iSDa6soXsZCCrHXHNKhk5p4mKMM2qfX4jPzB3VdYD5kVpxgLPcvYISPtif-eRYkPPKR6RsahZu1k5wtFbomzLPTis2lh4XCmDeNRCtFlP8k_GSZGeJOlSFco-3i_Ed3zFwC_vFUgCrzKC5t24FgPpBYc4STt2Q9irobzAdT6JAy38fXhbJlJ3Cfxk8rg9U_wpoIUtG_D1dPPf6641NxC16fWOrBS6oUcbqle5RXpP9ZbLXaC3udQhnCfq3cLtbXXQay8ufePe2ZqwY9OCziRlFHqYl8pWfp83TM1NhvuXzFHOcHdh6704KbYnUArvAP0NeL3CBNxuYGpFc3PgzozdIPQ_7c739NzYermlv9bcy2iNgAdlM3dKWfu3SOoXCDLmZGX4OAjqxy-WtScRce71F9Ib2y_0kYnL0oKwoYEgG22LtvmMJnBntVtwJWzT11SHaQmrE3bXUpilFoFa_jXgG9x393UdguqLDXWp0UaNTynaULENJNR8EdyDs1NXr5aUvuzV4akAwSbbCbD9-ym4odWsoxlzSTS_3txDzMIDi9p5czWeQVexq8mwlLJCSiVak-kOpBZEJhlBnI_ykND8u0XVs_kPwLe-xYDdLEIiAlPUplsm9WuwWlekRUv3F-25Y2YPH6dO07C-DcNnOs397QYQbbmDbYMiJ50L4_PCew_H2dkBRrasKsSwFb6oT1DzRb4nYwtQEEHLZAUq0ffg0eD3AtR8VBJq9iA86mwyuJi2soRgpgzjpdbO44fWMZfkWvuJ9i-dmc9pPpcqgFp_GtHgdxDR8a-aNlWWtN6TGYQCybCOBvwpYXGow9On3syoQjt4NvqGe3MdQYzZocOdXqb3cC9IbfkL_P06IIh_YzjrsmKLWRUB8ejAMSV8JtcMa3MzIHiF6hkFzt6hxMNRaPPucs2bF1uAktpdmR9KoYCrwighfJ1Ac7V4SOAZqIflrC6LxzEEixU_KOD8C6jHKIusX7Wjo7knNo8KLosp_Yj-nPAWFfn6HCKiYmiRiOM9fnZI4M47HpiIATu17DuQR_fQF8WGoC21oCfK9isAanlvCu0wUiCZAfZmxFVLYF10XhWYqWXh_rtxoHL09Go5wKP6MOHZmBcgEpa8E8z3CPNi8MMxtWBhCRoyu4n_J5Oe4s1T2Hy_0FuypfgJcBvW76M12a_9z9Rg5G6Qr7IQeNSAMu5p_b9faD4lTMMVztWRFQlof2OMQOp-f2Oi_uG7gecurJoR0VJn_TuCM1eKU_5sic9BjQd9D3e7LRmUJhCePaZj7-3fMFWwdwzXX9pxSsx2_WrIbsbhsKTqrruaYCXSonaCyjeS6GQX4hegl9s1bhjS8HF4WkJlG3jaUcVGrdgU8VfCPX27T8w8R9ssYW0TnWKb7QJWh_C2Yj-tHqjqenv5GtJjiYgiIL0Dbw2vnKHrt1yf56TcgEzVAA&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=6119218896691053000&adk=496764934&idt=153&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5AEE 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoR4oFeQVWDSlG1aIdNhl_mOUkBkT2iP4Oaz3F3RjeBtr8cNIZ_BZVp0RUfGf_T4gpk7hbm7YxmPtNiNSVUq5zNAq4dRjfeseRCzQJC0ebM-5jzBNJ2ZuXZGBKWFf6eYrfvHKWH1A7YWE0g1Jj2yIsTeHoCZa1j0wKo23TAvQglURcsg4&cry=1&dbm_d=AKAmf-DH33L2Di1aejG_4scisEPs7-4hG6l_PMO39jTn9gNwj4MJmAVJKXRFF5YCJixA7qg8e7TwmOAag7yBzG9fgIJ99LgupmbLy87IOSQBrTLOGm7RjBDemNdxHsG6rwnmDGiYHiVhG13L0fy7Tjm9hSoye5Qq4TIFCvwRC8LW-Pw4e2mFCZq9TJLwCUjjJfcBH-58WcbrQwtEGJIww_l113HG-i-LKNrEBDI0PvAjnMvgwJDnKjPkDaWnnKH_INCkQzyPkBBnbY4-1f8J58V2BErzZySba5KmXwzcYMOI2iRwXeVEzbTnDL8HwkJFRvg9IQ8prB3hJHrV8AflOqMm253EJn5kOXDik4Hul_jqdZGbXS-8PKwuYXJfa0bNTQ-GHrrwfAneYwKuekNtBO5oc-Q_g_10d--7mRaY5wwzeDBMeOGSmWrsErYaESvvLKRHzEdZW2j37ffAogWuvRc3CzqIgGzJiW1FQn9ghEbDMEaRfzVezl87RF3rYdkfB0ilBEw92UWnsqfFwCdPupM0g1nsfNB5g11-44fAAgCg9fiR88_RPoTAIhP43HwraZjwvrQLe6c5m_cOKKQ5TdiccE5MeNMSWkgdYuRquooYofzVolBAoZmrVK4txz3KVnzcY0eZK7kZQ5p3qCTZ8gFW7Lfx8RS23ZCzkYbdzvIiKeeNo7J6O6own05NMADiOTpRQBUuIzG3u92hh7B9d1hw7qu4W3e4uzNHMkqYyxiORlzX63UIuclx3kl9R-WHxaDveYBReecQ8dGhm1COMn3kmG4YZkvH3_NsiJKxPLxe9wzo7D35Kc--7l2Ptkyrx4w_ECtg-YKGRZePRedBUuMVch6WId5D2NtpALdIEgfMC7LFvVlv2BN_BKta1-RQ2RQXhMcV8-WPikz7elRlunEix0qabexNj1m7Lu-a_FDuCPQlnVIKsp2Uy5F_B3JJGGJWidBM0kAgRzMJtoEfzDMUK_S8zp8ZzgBo-9a9lD0tXZK_rH18BGuYqqSV9B_3KX6EKpHW0I23fx-siATNXGsv9pFo3VxuowGE8XMhEtIsLACGUE-fOXgNG6QHWl8vUXPBLe4JDihlHpfi5A_ZiaR6XOlImA_7-F4-7Dqv-P9jKZavysznWa9LEHxeMp5ThVgSm3HwwpVLEpxO-jsYEhbW457TAYBijFokh-0cIFTuhtsiOUBtRHWOLYx7EFOJJzT2gaptvr80zvEmqIRyxpSsdqW7RFLZ0JGy746F8e7bUsyMPuHSMcjsd9vU2IzPZuG-aiWXZpZgyU7FM9XnIH3MZNxtaWfbUC-e1hRpbCjf4pQlYWDThRKgydrxMv61jBSS5DrKdPKk7nO_hv9YAyXSomzUEFtE0ZHEJixofRbL7VdTast2yZlALZzoVrn6svHKGWR6xCHJQCC14GZaJwq8HOv8cqHFjW3WKIcSRXiYbiiGWxa0PZtVucqUCt_iOqCgV6LC5bGrQIcFR0Em26TgjqJYEYARK2T73joK-dMRv8CsNQew6O-j745Cq9T7Mn2VlBIElMCzhW9utJ8qaz9eYDaYDpiZ11cPAIodrAFGMk3HnlwdtGOgVtWZ311zt3TShorglPoTqWXJpOQgF72pqnTGjFOf8hTKNSWpB1IXgX-usVnVZ8Gl0Fa7P7OmRihVUUpmAQV143fkOJ3kuk3nnY2wMxpN87cg54kPgJy8YGGYY_zT0LAIMEAJzaKE4c2spUoPzgoy2l_BBMkNWaYrUN30Kxq52hAe4G-9anNP7Hznjl4Q4-jJHZny_nPQSGJoz8ZxQSGYeemRjylwj4M0Sxmj2COHikPgdhV-RpgHQHtqi-2n6pW9mAvm5ga6kuus5iy_sVMNAMFgCNG2hM8B0s6G6RrelEEv8bc8JaKwNXopmpiVgo-NEjQA_s_vNPWvJqXKc4RVI0zJeWb5wdEjMDyckDj-gFkYXssGMsT00fHlls4euD-JzPt9KI6GrYfElFRLq-u9nMS98W4eCl0vjd8_7lXuHAoWODrJpq5azSxAZOwnSQGw8XXMPdeULSbaUkX6Y_n1pxlyk1NnJzPn8sEZF45jCL-3JOPhxA5bSc9pT-lASqPXruVRvNhQ1cFRDKs9vPygHvfwTFhDn676UL052tVfdnUD_wzKpm898k3XcQ2HMLVG0xDe-yPTNYEbSjD5aFfgUB5I1WgEGnOomHLMa_RY0xTceR5gbHsddyc-i8RTGJW1WZj6-vQsIyQqexdriOHYg9sVgOa8pTMELptjLfx2fpIeGnEzS3z2JvCHp1_KiBwyR1UNQigRo6V_jgQyPU8CecOIoVHMpaStwv6FJ-WAVSEuUn45l5EWJYjUHTGJrRHq_8Dli2Dyc1PPS5gPauNPEX1E48MQgXFbdq21deIxopw4SqSa51morIkjWLNbbnCeo0RPONyceGC8HpHTJTqDJMKl-E_ChjXS7K93P6r0cLRoatqNF1XdMq5IahYdIMUTdBViCa4Lznh5pwq_7chIi6zDGvjxTK-xee6_IZMMvwPByYdOa7nh8z0lpQ3DTVrOc9BeveJ30jSB7sPNzGVIkLDzcmKXy1GVpdUWFlhU7FAjwWpqWdl7bw0afoVFQ1d5O6b3dQBLF-jmtfbhZ3bfrn81XIufVaVsuPmh0mKpniegP9b5bs4JF6voCDbcfP4zQriEZBllDofENKoBQbVQgo2OZH6Unavc-gR9zFt0fug_y-acDug7-alCYal7n5K0UFg1VFt6KuWUjuMfxPPCrjim52Vgs1bXKz7jJh56bgQB0IQzeP4C53QHXoscLC-TekXI6chpqs9zpDYHjS1uWuH12I150FWGKfX9KfNsm3ODftbmvO58OhVHmOFLwluWC42in4ZS1UHLvyPD57gIgtb77xsfqOawIOnYIvwEWO6xdXAqquCAU1tpCA8kJBjMz4IvfumxSuE7JTGlWmj0PtahmKFguDvfwsUdjAeEf1dXK3zk1Rx8HyxQNdCRBJrojSfSBF_-1QwCqYBXB_i0YN1htR8d91K66NzD6NLCgFXeXXjjDM6mairut-TKOGxbukJCSixvB4Cowrto7sOoHZ2y6FgLmj2ePRMacqhJo6_aATokPyCPqThElz80jrnv9R9Ppf2ffz8UlzepNOJowNUcf1KEF_SfysE0Pby5Nfv-KxX8VSIAk03cVaKT8nxsgU8Xu8OKyb00seID4ko_Jn25BWT1DM8UPEcVfWj9-kqx8GGACL-5ORoMmKwkYP0Hop_4tBPSdKgsfE9dPW9qOuOJ_VOMTakSJB9G8ecQcYroMdTQubnwdAdG1OY8R9IsS22Pa5YMDt1zvYXAaEb_9QmqIdrDelPFt_lOptHE69seAITxkzo7YE3bCkaiWWCrtQ69BXelkNH6QwLOIBsHxbh7BHjm2q1MUepQM2oQlWafZ4nTDZavEZX3zon6Rsv0QpvTpRFeyLR86_ce8eC7oj9YVoLJsfigEWSSKkHFbOfsz1WlSJWH8gDNXIzXC4SzwQ2ainoqo5P90QQePtb368xLENZ3KPdGxiehsMPGHk9kXakzZpxjzVPN4gUyDgSL0aZ4H4ZeYLYCi59SawYPhV763kHVmbHU0amGFfBUCD4mxCzfoyw06o_1EYaFe6fAbHdr6k5L4_baY3PcEXhDFbe00-vQfGa3RiYlDHozTssNEbi663ZYr0k6vSyS4Lna_n5thrKcedTiFFaN-XvJIGtejl8kHeXA0n-ywrpc0G-B2TV66-w8qkHkUBWArN2nlPfBhtikQE6NzezxhWpho2nmXyNj1aNpZK5DCPLaKw&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=9179555485740904000&adk=2013371551&idt=154&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1ABD 41 KB
15 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du7hv3pP6ZY8owfl32CTAQt8srESkkNyi-5eR4rX-czIr-I-iQy6eg-0Hx7L-p9p1dPPURRzYibDjeC6GiZgeeUUZBIT124kBV3Chg_cO0FY6OYHlJpM1F2ys-43sz7wtJ7Nso-5BnJiVGaCx5Est_gH-o9ZuK7itavx7PU4GSPt5kfgE&cry=1&dbm_d=AKAmf-B4ipdIEPRK5kz1AvEF39C7fnfr-SZqMn14E7EL-EIl2PHx8YrEwQkSoXQPpg9vlYHqxU_Z3k7VMYUIstegOv5XB_RheB0aFy62hh3DsKA4fE11KoOVD0xXsrpkp5Y-vENwjw_49dK0ubdIQeqFsELjgrDQJOP5EMQEFe4rdYZC-lSM65IU1OqzIlas8YQTwRZsXdAlujVlracNgCb4siWDco5vPTZM8T_xoIns2KgWTLopJUVKe0BGH6spwlI24kyb0o3lmXF6OPRD4xsq-lGawN_hNan8loh4750L6-ypWqIo-UmHuq7OunvOEuW8Jg2nLof0z1oi8JbX3WmyhzcQhSiOmJOan81S4of3L2qJoReDp6ww19-4bNsyQZLsvgLHVTuUM4BSACdl9Rhkq7ab1LRd0LCc4Efr1LY0yBHs3ZtDMgRgYaj6A5MUbKTl2Ftzz2kGhyf7eklYLatl-8RAmCQ0WKKOeJA5DOJhq0H7-NLJ9alqqSKoAlzHfTWrCtnXJHduhZr-E-uIHW4KPkZ3i5NBnDxuO1vmQ4U0Gd-bugKkFjE-EyGdTTlPvS9BYxM9DJ33DDFZbPFKenQk9Rn8twT107j4Xx80_Pw0Rr6FRAHlsCBbBzzCVL-_p0IRW1LkM0VxnWBukd0oGOOCFT2nBB_pPe5ef9817PaI6xS05VrrSJvpi98LAil4qn8XAveou2W8c9dVJ9S-7MO91Cn8umb0AG-lYL_RcqLYKAlnq6EnasjLZDYMHfiWEwHcS6ZXRwhZSX4Oej9EtszegRc-1Sp44RvmgIf2PQNJqKT55Ip8oK6-m1QUCeVQCR2Alo5O6f4Ej-k1bfF7jwu9CfEpcHHnfJY87fdXp0U2Wa2RTeZR97IlilFP6EsP-tpupIWZ28YvB54T42W2cLvMHgWjNKoannhYv00hiS_3HO0p2H9ubEXY9oabdL-TQRvevWWKmEcMpnUM9vqS6gAzYIZW9KzXpDDKXJ1xxQ6168yWoKeY-cQjdl5-U4-t_C49CRv53xwdblnlB0IkIzBkKyoqE2oJAKg0QKPvrzfS7JkaR-HIuXVxSbtlYa0vJqLgChxve4wBh0F-2bu1ifk_tAYG6bwprzHmJZ85-WL8sangCCVRd2YtqvYwyil4hKVBGKAHeKp0Ppw1hFmWJnyxZSqc3Y_jHfuURAdPHzcWw-E7HPubzIYDCNZezlaHmMldKRbhM7pmvalnRvwd6M59vwuj8Ig-4N1x5EUq_UL7DwTAxSgaBnL3eQ0bS-VFRMJhHp57_XdSf3lY64yCePWle13X_V_ZW7BVqCV3NdnyJ3U3-NgDeb4k_-ezQBq6058ad34l9cg7xpIAfw94cEDfzFgBKNJkC5Xs68rFvFbirKhJVMqUhx8ZXb_84vuy4nlsxr9BXY5OPt1f8km-B0YiCZWeFtmEYtKJEQbOk1zRjhN7bWYNLChxOohaTb5ZbaQ_ZOI08uExYDS-i45JPjZfznTyTX9nHxOvowKuvEjVqKgg8Dnnu--GM7MwYZd8qT8ICHt9fUg-HLn_d3HvrnFWoFwhQ5hseHt3RNgD1Xo2nP6H-3j-9_hcq_NspXJOH8pU53UjSyVNMLIBoJ4_k1X0a-XNTbkYNVQpmk5Zn-GMjHObEeYJ0Zu1g7w_OO-94L397PygmPEk1f6jz7ZAXmlqkTVMTZeV4kTcUoJ7Cdmh1UhmJA8SXiG9cVhGPjqhR4J_zkJ9kI1uKMoJnMevsbUVMa_XqEIX0Ya6yj_yIz8Rp-szU9Fq09o-3vGJg_S3vaTuUhslDbWHk6yjlRJxRFyixSRSeMgbgZulX6PGrvKrcdoFyNdrK3f8iNkTg0NcYcVoAdzwNvY1wZspx6hDl67uInXeboYQpu75lC-im3g_N7MaspnLjU0MaaZvoftmUwwg7ef1s4PENfot6mMf0FzKtoHPEWTYgbsDWo282dceZOaYfFzhFmnGVq24vGKh3VFx10nFAHP7kTmY0MNVQ1PB_PKOK2rG6aY1w5q3w-5mOPGmaS1OJeGKa1KHO6WW4z80_jq5auhEvM1O2iwo0ASSB2g-ARnlo9Yl-NfsTvOtygsyO4Zc8GcB3-HbVj1UtlkyIEcUN4PXxE3Hl8t9q8vrUaooe2e0UU2ljZZyvQKpkA9gMplNr_317Acuwh7IINmSJEQvaqgIqgqkJTXpxZ4ygCTPZFJto_WfsZMfKfQNokoNW6DYC1lU3Katbzgh_eoYWRNm9EQPImgiMl0E23Dg85HpS_36cFk26_1D_OBrAUVMPo8UOKVhJuWbNUgktw5H0gt-ZplvbkvV326MWj74V-W3lbqX1FpK4D29eVi7QK1uve6JXPzMqROog93DNwEezxi_CS395H54KGvsRyFhcE0Mp6ZAiQ3bQQbroqrPsycadU4856JmnMV1NuakVBFLMSOYi7Vh1OiaDlrwL8xILorlIxioixAxB-kv24cwF8srR_gZFqzz2C4TseLmmTWYokzaGCE4UZXVEQtPmYGdeSxzFIPWJhrcACwyW-bvWXy6_4QssyQBLnaeBWFu2Fm_dWt1mhpQeYDi9mSYO8hS5g9ENCdzs3Wv3kl1FFClv5exMNcOgo2v9oDrRmKqEbRPhQ3PRW5BKqQ0qZa4h4OBm4Qbu_F-YY3T5Ac7nFJ3uTToEKP1DpxSuhPOza8EEODAyx7oohVNh2EmhuxYyB9dxEGDP-qfhBAVlHwsc-PBXJTGTOYn6v5yBj4PjEe5RXktE0kTQlGS9ptabKPiu3C6qQa5t6XcWfslx6M0x6x088rrj33WLnxZAGp8QF9N65VAlXLew-FwLAcr_19u_mTs49Ap9BQHpcg33CKUDAR4rR9J7qbx9P2f_1oGC1Wxu8cWxat70rIlHhp8hs0QURUT-lbl6XmI4cLFh8pF-OcFYMUwlg4g5__b2geEleyNYEyBBpRFBj3G8ML5iYBWivll2djzeRRVoO-UdhjWzK0FXOBtVnB-ZJR7DaNtzPAM_xVqMyoTQsn1pClAyAwHQmQpWUm-yE9OOqidOvBBQjCK_61ICOtlZf-NF_5sLmkWpjzzsQjBixULlwLq0JtMIIhoNkeC6p7BLzqvDXOQT-8ZYB1S8HXl7ASOLiOru3fdpcc3lyKmItFMhjXCZyNotM2Re-RZyBd5TJPDg5Rik8DaxwkGvMlNBr0FcpuloaFgf3rSM9nJDkM6QvbcG_SvLh81IMaQjNAe-yYj-RR4WEySRkJv3rLKv1m0CMI4-ik8Jx0X4zionBAkznfDs6bg2gV70_ZagKXHwbfiIVZlGUnEVZRDzRb2UOteJW3xKG37_O7jXN2MHB3mOoEb_ShluyS1eSodfYg715ViwA8uvh_Uj0TmDLHF0PeoL6n0RXY6apDP23EBzB_d0PZr5f3A3a4G8otTqt8ooEixaInhHrzYzDOrL70PXqQVLi-K6rS_q7Nd5xU13xChpJ3AMgeeJ7dWKgtSmJciwaFtrsjHh6AJXFKYHMBihafTIbdooHvXGLNGb1imacP0N9H6vo4a9n78q9o2rW8BTQG-kwdXDlonyhH4UhzWPegv84ua6JMCgNmEY7BGdHHC0C42Tj8yjIfFoVuwCvq3zSl9YHvx54jt1LR9ddsfd01e0MAt4i5wKYWGpkzzl4zT1wlwUzpL7K_Y10_DMzelxGvm3XY_0SVZ7fpIOiVZDufgmY7qygT7SGfD06aSfFaiM-mffTlYpMptm3zJGsTV6A6eYas9TdtCfEMwI2W6JHYfB_Ib6wYOx8ABNoDgNc6lAaSEFeLRN9tagB8kpsy-aA&cid=CAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=1980630504628841200&adk=2265872549&idt=162&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
707 B 18ms
9ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 9428
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1687367023.271978,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 20
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4045

GET
H3 200 css
fonts.googleapis.com/ Frame 773C 5 KB
682 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:53:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 773C 100 KB
100 KB 113ms
89ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: a34a081b7c69de64cde1874dfec92b71c56a7bf0b69c2fbf7bc3805146ecff85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 773C 81 KB
81 KB 93ms
70ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0c4134c8bb7daf3ab651ddc864b206c7d2f8e21a1c88d988d30d27f1f6049746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 773C 69 KB
69 KB 144ms
122ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 32babb5aa74c35a0d3feff97cc25627ab536ef44d3b99d317aea296b31219a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
97ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 105ms
104ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_3bc8d9fc.js Show response
vpaid.springserve.com/production/ Frame BA5B 521 KB
91 KB 65ms
8ms Script
application/javascript 2600:9000:206f:e800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:49:54 GMT
content-encoding: br
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 22:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1214029
etag: W/"a29292a78266a1cc6eb74cbf0c848fb0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: lkfjOW_5azPnjTt8w936XderJ9YjfDmnDpJLd07vFAxzs7sQ0jjH_A==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 0222c204667789ce9432cf06f1e011de.js Show response
s0.2mdn.net/sadbundle/7574746098446268149/ Frame 7D5D 107 KB
30 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/0222c204667789ce9432cf06f1e011de.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8029009dd2a58a3903f200eb1dce076f4d8a7940f9fcd29f9fbb32b2c4bdaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31008
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 07:06:18 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 8F72 11 KB
4 KB 38ms
14ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515732&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLZNTbS2TZJS9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QXrdcytEbzF1JY2M1xHmiJBUL8ReBmVoFMlYtc8vcL3EruFPunlOYKjW0ybnB_iHpsikda33m8_rqDsM2YpSm7RtllDoB6vSfUKl9fuCNzS6bMbPBKhJv8pDaqvBC4pFncU_QdF8M4VqzsOEcb17zZVEkNcwtfTEGOfLy2SKrra_zyKHypzifa8wgiIRyjUNyzmmKm1VBhrSEI4uRNJHu6Kmwn8O1juKLVs9B2I8zumti6x8rSV4L-kmWy9XMiT_91MIf85LHReb99s-tWdc_qPM2NE9S3mXDRbWuMyEx_IlI4d7NcoIPJFsLUQufDRY5nbH2yB7I755OPRwBddhxETB6SgXN5vkRhKs5tRTDF35g7WVmueOBcM_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0XKIYe8XAz4PvqqvFZ93Re-R4QIQ%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-DYSjJr_VaRDYPZSSDJOGgKi_S6wQkFkvChGvmWJ-3cQYzb50qC_dvkzonFxQoXe98wnwsTtJC_VD9CSQhEg30tEz1BPGWupWWOCVNT8LwxVkSIy46awAFjF23walTWcY4fywy-KsBY4AgH0fxEv5_8yjrPHjAOG2LvuL3EG0hK7pqf2Lg%26cry%3D1%26dbm_d%3DAKAmf-D3ToacVBzmNWqwKi9XdgZJrH4y8Qujsh-tDBn4IYC6hASKydz6IA3DaAPrrd98nvNQRqM5sSMPIFs7Sl_88hleuz9evLJauExLQiCFDdUYz-4fYP_r8C9Z3YpsRENCgTMUUGyhUKfVB3yNZpXJcc8zOCDDJAB-mnX5NAQC0Cr7OlqpM_mBvO9i-Uddc4LwAywjJYRjRRgaRIPaD7dmr4WFQ8XbCc1jTh84Vy5--rTcpTwMELNaUXJDnZVeQClDmX4lGSv4ym1X1DZkuVPWUSJ4BdcthylRxEbz7JTTJivqFQXzwr7Su318zf0wKmUNi0GTbVu0MUKB0autEwiD_OSX7bC_XX1U2WW2Y9QBsiETCAe6wBn9EBjCbEHkaiSRC3FjrRNDy_S2IRMbzN0QJnS_dZMM7NEtuypw5-zM30W4sDF5wSnxyJiB12KyPwtRHgpf3I_plbVnoqI0DXfSrsQVIVLB_oFQtZT9ZiCrINwSonqPLw6rNtfCwMCOMraDX6N2XQlcSvvhG5XkBZB1WswOrX2Ckqa-m2OkEUWVWknxAFlhHkrIRBSP2Rrkfk26Vk0gtFUa%26adurl%3D
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e7259511931fbdb6fa52b5119c2c4bf68804ff635cb6efc4c139ed1204dead04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4173
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 6003 15 KB
2 KB 17ms
16ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:43 GMT
expires: Thu, 20 Jun 2024 17:03:43 GMT
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D449 0
0 56ms
55ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWXM13kU2WV1Qkybxw4GtyVrDOlJDYuehKalC5EiGbF16zMTVMQj2dz2t-ng48BzFy0q9K8FQlhPyOeX5HGZ7ksduqJip6yYAKgiAD3S-N3EaZjNx5MR-_slSanFpjhjXETBMqpyxF2naLN2AgCZ7SvZbb8GDOng_ZveeXyvDZosaa-nijBylN85mOnxFTOnqeHe9Mu6QKdwaPw_Bl7YVDblmRTOfj7DND3xVnW5DSqE6wr6h5kwZrr8i9aH6gkKY_ZYm--ggGlXslvVGpNwFXNxR9J_OMCvtjYu2caNz6NYwNcMMYC_1iVVBCqgjSHfiwOb1hXtV2DQTL1R0POaTlOcDTxRPivlZiJobn-u8zBymG0nBni8drv9eAczHh4Yqwnjoaios60lXNF2djocsYK9-WvhWw85xooLKGAjWViLguMiH2Dwqw6v7SXYHFhx7dBNVHPoITk9X78iZvlrKo84NEnasqoueuEv_qd5Z-39JKn3Wb9SiW3qUo17gZC3bn9j2qduZ8uZnMFakRmpC3B3yS3QEKFXT0SbZlR84YbBh60cvyiWIyNvmPFpMDbOI7U_GKzeYgYysWdOmtFS48LCAQFkXBLS14xUJD1bfWDWO8KMAbYSJlkyzfKSvjLuYuhKanDR3hGB4Baq4OvRVjXfJowxHHTcw7hApGYZSY9EgWwDrJBFkYQsqkvWILeJnJvc0agT_nG60tCSXZWJUsTt-mo5k-dsQoBGbBBVSjIBgDz75LHGERYwEi4m8wFysgA3j4Hl3ZazPEj6WQrjL84heTfx5zGPp2bEgXL81T2Qg3yad0pcIxLp12DEu8ewJADxRIgdoTqNQX7L7ftDgy1So5rNlUbaOxB5uZByOGcNZ_3Y9CEgsKq-VuwEdA1B-ge9UzxzioJrB3CoHJNWXENNdtAIBGpyxt-kDxZ5wk23vETB2nzSDHNGB-9JFT0UzT-dIYoe1nkiZ0DvcVx1cbve5DyhEOjShEotbj-X_s9RU08c2VEk54kUamVNyEbPZ1YoM0m9ghrUJ3CW1du5icSW1tEj2OI9_RP4qhdk7axtBSdCztbj51vjhLnt8l4IcFpA-m_yA_ULkVcam272FSxbPrrutIdtr7p6XPbiokdeK9pjFBk9L2Gx46baDQJ_-Mcagtq_N2Q2d4_4nC_D0JUmjkLxa8C4nOrcjXIs_PPwy2KYEiLtI7laYJ_loc1s-aalJGClCeEbxCJn8loIzMh-XAPrd_gI9DQi1tz8wt9WKvNs612qPhjTbJNLI16ByVSv65Qr2CKO4hC5V26LoryYz0apR9LGcOfnOAzO-d5nlAk0QHs0pa_Wj6QvmFsZFtIOq8MTw7yPGEeKBOGCSZNKdLofHgTYIf0qz3aoHXQPJqMvFrPpLphg&sai=AMfl-YQoFu9wHjjapwfHwVYZ2Dl4zNdnMDp9_mJYz4pm703a_jBRjZJe9aM7qIlkRDK8G2M4ljQPxFIlWC1vroWeyJtJDFsh7b3_vEOxNnWk0f2doY16iEuzF8O9gEXKYu5FmtNHEzli-UBz6xEc8JsaRmI4-DBNNpdfwViR8tnOkq4yXkoGAtDoGW2CayKz8c-LzXZnczat1pMKNupShnATaSSweTKhB_yBSq9B-L5zmBUiNxy2dsTV2H6rKSaBaNDvHIGcph7abHrlobFyayTl-7uAcc9mSg5S&sig=Cg0ArKJSzH98g-zaMrt2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=357&cbvp=1&cstd=348&cisv=r20230615.82797&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/ Frame DD83 136 KB
45 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281ff524d25faadc640852c299a49d97a38a84d14e8caaa3be48018f09d20d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46508
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:25:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jun 2024 01:13:32 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame C65C 11 KB
4 KB 39ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515734&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsAeFbS2TZJa9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qgd_tEGKFlctgRsfqNLXaTUl_vj2z6zNYR8Zkkaj1GxBQ072qf64yOkWFZQ243VmzzRiarACnr7AuyMdfEQ4-IgLOmSwSBtpp43WiVu-y6Hj8cWWyZjkL8m2UNmqaBGj-pds1W42wKcn-KqR-pRwS5KR80Xhdk1GEGqr4x_17HoyIMxKM2ROMZefXhKq6q0s3mpmtGj0-ykd01Md_ZGeZ6blxdcEquPeXjrXju-YQu-ZCoXz6pr1PXhcQGRSkrY7AK65izpPorVGGaCS3B20QDpcpuVQ7gOoDkNxl93T8ZOn1WwUSySUIQuutqYv0e_d8YnP_9NVhQlQdfADiVorWQavkFZZLcnW-iW84vtINc57H_OxGsWcbKYzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1aclOOU8yXsXGRpaec5BnRfFapBA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BGJa8VXM_HhIjbAfJp_-UIGMdw9dfYCFTDlhVM2sSO0M5jVMqTb-aBQiQ5OjEW75G7GsvJosv9RgmLxMgv4hp12SOxpH70gBiYsEKwYufmTESC3YDMDZHgegc9LmHJFocdNMu-sDrozaBLBHwJdmjVKAVozhb_5TuX1esfStoq8Iho-x0%26cry%3D1%26dbm_d%3DAKAmf-BIgVhcRWQeEYgDPXPrHtx5M0dESQK8OxXAYnIeDJdGJ7CyruzajZOITfutAQSWBiuOuTGRk4WnbB3o2ta89b19frgkU34T08vzROejSeDbeS0PPG8AHfIOVKK7HAzcmv7ICXG0RwzaPKyXlSsbuK-5MkewPSI2SbepKeKEI0ZuOBSJxSorxVsEZ6Wq8tiapbbMFiObBleFPMbfRdMC2Cy-oMkz5NiSQN2pN0XBlHCb0buR5QrxcxCInUEka3iJxR54HdSHVdQ8SNxjaBnlOKv8MuYFjj2e1vqbKToxAeaVaawWAbHuWlejwRtqxSx882YQxuWaOXCwIoenhb_sxFNL2l5_ZSHsVIoVH125ChtyyibuFNvs5YlbvZRGAX49fnr5byMLmuo3QJPkQ9kcOd2TzSXfxCh4pLhEEuBuGNjsdj2XyAOHpZ3bVrpO5IagtyJaPN9NA12r3BzlTiYoBx7ZnkQTFoFOgp8HW63Qxy8nwkYS9LOq_U1GRCkk4ezlZ9WLtNqHEoN_GawQ-dAGXTIGofZSpSRkMamQXL0y089QwYdjyyOTTdWEJbYN569gwRCBYhlG%26adurl%3D
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8fecc2c0b5f937995edcf47643341ffebb2354d8f6682f4931d79cf1bc1ee827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4168
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 5AEE 11 KB
4 KB 38ms
13ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515735&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9kjqbS2TZJe9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qg-WyXmMaSfRguCzqXLL7udFKGCNkBwzL1jfl7k7NqP43_I6QT45ZSY-RBQKU1xukMkLl74VYN-V0WuLhTzYFd_wJR2UZtsXPsfH5NqeBNyNfMTdrCN99rhXbj2EXqhe-5EgX5LJLP3HICpuCiet0rohX7Aagh0Tgg80-gx9Frr9Kle-LAZcKhr6UqCvV747Sfwmq5LutvaagoBh-gFTtNuO218aQzS2uCwVnY2Qf13dNd7HGQit42J_rBaGv8aL14t0g8Qdt6_oHzmGLGwiMelJBdlVkadLhY4y4bAh0W3QoAbABIa76iXeonGG_N0l0M_78B7Tv4EW7wAmXknxcpCw_z8Gde3UQQf0tZbEPz-3XX_p_hI76i0_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0rGe1bPMRkpeoKoVth5Wfbkgy96A%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BJ5oTs_Nn0DIXDt7g1VA9oaNPKRwHCjGBZNyq7Ddoq-l-gt03vm5l7RAk9EbDBGGzSUuQIOxv2a5eRctz6eU0TCBhzfY1EU9zvswKZypqKHrYrrtjGmcTQSYHsiFAiQ9_iKUp0j2WxW32px-Pk7lAVWw2dS2-vdHRqUXIYpLc8ysvfryk%26cry%3D1%26dbm_d%3DAKAmf-BaJXltT9SJ5wwioxd9fw4Z-tHUsE9B3Oz1E3Y_FWeZzXpxMdOLxiZtm2i-YLpp3Pky0v2scc9aIkt03CQYYCRgMCvGUt4aEe1y8cv3ZPtC1vmJzJW_zpSmfW_Mq-5KZuC78E0Yve0hRuxOl8kBKLLo44TACh4IrVYiN-BZ907rJMgGz77Yb4f20MKL4gDn-jzaW9c-ZzauUdexFXyatkluTp3Sapb74LnEHfhkTgxayDrFv330RtFKt4sJpn3fytcfY6kJPYn4AYoNzYrNok3_-xZxTEDbXivEHAbxxbVFHjfZ4F38MdOIq9Ggxs3dh3VBkqXb6YE99ZrIW1-mmOnclkc34Q38Io5X0Ua1GmIvENdPVJMDXTExIeZWztUcrRPHdqQm23eDaZnKE2xz8znfP3-ofuh887r3zYbImBEMM_Vs2OEZikot1RHjjR6D2NvCHfKgYtIu1-kSI-a51nGbezrOBigNuYpDOuRgGvWOtx_HtwX4LAlggIVj9sSvJ10wBiyn93pk3_TRJ_MMTHE233684JA24Qli25dIBCFM9yHwjQu5uQGZ8bw-YN7e55uq7Pin%26adurl%3D
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: f02195fcd75f1c3503631ba8f472b9d4ee136f9e4e2f60b2dc6a09d7e12e3f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4166
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 204 generate_204
www.youtube.com/ Frame 05B0 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?URXU_w
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 05B0 4 KB
2 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 1ABD 11 KB
4 KB 36ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515733&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_wY0bS2TZJW9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QzG2bVJfT8_fLKNFIWWz7McQKH-xhYDNrV5Z6yxjP65UFiBGYYaaXgCmNG91_ZEsg48YBx6MepEaVPjgvPOc_173_ydQicuguDRGSlxwLIh2r-w0_xkwRXPhV-kWtVPfvkl4BMWt7xFDfQhIPgTNNL-MSuVn1XdHgOb_qctjJzPclvkKSoPrVxKw473Wk7A8f6hBbwZRKV7rDfMi7uODQfhYPSYzQ-H1KLhIAS3wxJzap_nnHUHsUcI7DWaCnN8WEgNF8KBlMti_KUvn6dE-ifL95CNgmBZ1NDOLdGRR8SMaX4412-RAFJm-eBvVC8i5tD4csUDQo5RSVIMNnBGTH3eQjn_Er2QjTm0ajNwhQ5KhiAKTGykgUfTPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1NLGiTc6Pj9hv-upLqet1bVd5srA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BZMvKOeaaP2wCJvcB9ZadZLKUVvbsNA_rTwZdfMrJoI7qQ-Pgdy48gi7uVIae47ySsSusldujGlmFjsOQNPByKUPjma7oPMW0p9TL45SBxjFfDhiOyYtjFP8FyiLu53qrepeamP-kv3mvJan5NM6Xw1-o5jSm0XLmpO2LputSklfQZaIU%26cry%3D1%26dbm_d%3DAKAmf-BNOSIm8HA07v0QxtSYOAsIkyMoQQBYXWCCYPDH9yPnvlXN2nJQHpLeig3rBO57dwpHqFXq5lH6kvOgXlNnprRDg_Cd4m8oVG0gK4FuoKAU3-K-7smSoILJZx_bptXgvgN4YCJBb_7bCXWKioZpOfoaeEE7YznQ1aKg4SbNPDeCItyNvctlatasEIzeWk8pPLRfbmVSPiEE41oi0owrKG7ZkH9iaoyBcf6ZXhnTjBAxAos1OMy0AY81k7T_gocICBYx-FMzwxqx76CLlgO6ZBJT9HssfM5DlKXVDTT4GsH9DnDzidpX3WXZACe7v27lQH2MYk-e_tz2CdKUIS7NgoxHXPY-vbh2fqEMAK6gbKyjxL7-sdQyshAgIfDqFHbMZkJBFRldiNOlPdK7mgqZO3Rfl5dJp1lsFYWklezIHKPVxNSyxdKY34zXnOuIYKDgX3PDYgosKSWjbUQnrQor5Xk4aBq29JthWjk4_wL4cLO9KvxomPhSMDDPRsdKvGTpTnd3RoUfdtB0LZtzZUOCl22SDKFb0olLMzQsMt8Oy8IOD8kkFV1qcxc8Pl1EsVY6CbUwGUHe%26adurl%3D
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0a21a9a53d492505d1cbb9b4fe37ab63e0ba4ee852080e408fad10c4d49dda2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4172
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 53F8 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 129ms
128ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367023489&cb=0.056163454545738345&aa=square

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd398ddda9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007
adservice.google.com/ddm/fls/z/ Frame AA90 42 B
63 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJCkl4Ds1P8CFckOogMdcNICPw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6030716497474.007?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 97ms
96ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2EA9 172 KB
60 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 2EA9 11 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzdRFhBlZYhB8iv7kUVxvgEl6Z7ioljzvj6OXkopJVDtBTOGWV4Q3FeOQx4sFeVRBC4F0HIuYrXludvJ1WyQfep11r6F1Zv2FjqLtyGI69fNmDrkpSSNurDIrkLS7Tnll9RhJbUTvMfzjo_kDY0BJz6SWcSI9h9N7OGDMbwGwZx9AgFqg&dbm_d=AKAmf-DlJ5PbceoBaB8oOjwGTG3Q0PUIqgkRCriwHDu5_hMY7Y76uYl2XyKirnWOX_CQMdliXBt599VOy09QrbjA9TRKgqWyY70sE_x-JYGqgE5pg7-0HSrvygzmBs-OF0LtPeRuRX5fXeipy3PYR8hz63q9ldZOw1M2scGCMMRiyeXUmOK-z7Noz9pi-tt3idiqPmQXQYiI7eTz-HscLrlCDLHM5L9-7HsrVKhPK0TF7H48kGk2Lx4RHS_j-LRaI8_R6jcETnpmAGEI_oNB59-YXU2yvRnsY1eza7mzGwth56dtVIjn4ARanlBwcs8hNYQS7mj4dDEoeAj8qBLXlXoWSgPNMW6dN93yy9EfcYH-iXfyLdimWoW6PUvugkumWxnmSygzGnw0uv8vBu6hAX5O-aj0XznP8YTPFoIe_-iQld_TjsdEJIipz5d7MrB_lrkIIrXsvWzQgDvwd4tiO8rvzl-XUrR8t4ACywLkQqc1ZS90FcjreU4SjKa_5HspjrmW1jPH1377DOf4J1rwkt8TXe1LM4IO15PDaPuHtZDRk_ZCDo9AMCtsSs8asbDz-xSqRY6XDCKranpXlKaCyxBw4RtSnEIYBwvNL72Wi5dNYzjvbV2tFeWqFfTkDWEOc14udGpsD5znijUjYyHa2yXSg-Unm_0ss8CxN5oHoVNYmBzTQHPq1EA2Q5rczA_0Ghv6m363eOY_4V9yEQvx7ZiISWn3UECk2Hf-yVuxNr90JJOF8HbSsupxXaEOkTxdPqI81jmqNi5EPAlF9t8jZ2IHiTFwKBh5D9olmLqVjnrx5QO5T_x4frp7PAXGdgkLjKz_Kb4km6JeaMDgrn-C4QHT_Mts3yaigjDvm9Ds6S_8_EL3hE2WNy7RzSd9fvCjv12rsDrSxeOs27I33Hww_rriCtnnnpQexdDSEh7qZZ7IZE_Axhf5Jb1hTvxF0cU7bXfObW7KGcCRFV2sWyZLaBUdiLR0BcTzM5eC-ShpIyWYL9UTHUp7Gdgb1KunTkXCZYbQEAHrD_fxnyg5UQ5Q65PnfypVQLbsqm5-l7ehiy0H40WU6onhu9nafIz4RK6Hczdzoq-zgIgKM8ZRgDvVYmEFPiY1lO4BAo8RlSR9sImSeQIWx-fx3noFWZbEfON6S4Tqju13yIvOesgVssBmrTgHTl1L9OOCfxjPp03fmAOSZKq7ArH9L6QdeFEFpZ8OiRHPydPgrDr4tR6mbDrpI7w-PenzFc8Tfs-pUOkdwob8iO-hkXd56aw11-79wZbXMEP7-h2je9A28QAO7d6N5UcGlDact_P7W5fqnO6oaNAgZ8MaEaIpSkWBoRygBPwKJQqNEuF1K0-6Lnin5Wjw9LWOGT7zucaNduvw8AL1uxEspWkoMqEgkD0s4Bk-suQ_ReIDo929HCBkpKyEifQDYPAoStPDk_zjLIEOWv70O62lHDvgVyX6wQrcAzr8OobHHCVWVPDKmkDpqVABG2y1w5i3BEyypoT5nEO-Az5rKp_BAESTriAmwSvtHwfRMmXghkXeSIuIfBlIgJ5jXWZc67-avHa6Nztwyml9CA58yz8jB-B2V5Dk3dlzDEgAdYixiwK5C1j8iEvvhrAb9-nKecobGNovVmaW2TrsWLvhV88QHR9QdRYhE5lnm82bh_4DtsQpl9eP0GdlPZrUbAk9dE0tS95hQbhn43AY9D3dZm09NKh3CFyjXUkH-7Ug8UOVtCzj8qYIgS-Ycp5mZYSPObybxIDW0QSpAZhbTe8ou0zDcZOMpu8XX7ROdgCa-l017XCET-6g3f0OKYvUq4VQ6qu0vH2bZElpDex5vDTI4tHoGYBz_YDkkPU0vr0Kp_8-Gk9CgdaZ6ww_OEoeTw3t4a_W_gcepr2h_Ulrix0vyuQnygD3pSV-mdLu5itJwDSwkUAsRTda0RO8IwF0aZLr1kZKBNJHx0-m-MfLmi5E6pxYxL3C38OhOfEvVhz7tdCH6Dyg0rO8-1ArNJxCxXGfJD2ybTDND0GyzTo7DTPcaFwovfMov5SOGyeaXEicn4xbNMmdeVfoft8RdWg4wz8F5ZJ7EWMwVxpyzMhxbop2zW3LY6v9gXo393jhklgCXy4sbn3UxeKmsXPtAYbZATu6GTHbCsL6Megv2NbD6vNYoTBRX4zhG-Z7zyN-4uSxxb6YK4xhMKdHnHimZczHyXwX-qvjSptaqZb47Yt0N_HUB20W0QbJorTgwHijkVt7y8KxsSPXEOYQgZacP0sSvAm-a_1GUVb4FlB_6dd1sAgvQoQ1PoCauY8niEzBEkrf6QSd5VmzzdysJgOVcgAtXr2KihDf2as2es4tpwUgB4N3Q-JK3QOXKTYvn215irHo-GB4AYMUjzRLt4sv41aVhTSG7n21YTgFMUKp2KXfd8WxCzPgNK3PmaYsmDQq9WgqxINteRJaQL_DT5ol9lDfve8c_zRayUvoyICHTCRstiYYOlyM0xqgKPmAUMtfb72YAU0NtvvzMhFoooO5sm7WABsYYUpvtTsbeI4tFieZE7sVaHSULqzyYVjnYz39AUpWInl_WHtRGLgs6c2xJJf32ZSO_1X0iVPuDLQ71hAlmL_BVxIz2X6RlUFplJ0qoAoOVAhjI5pFj5p4xPMi-9yWMRe96GNGe1ARmJSeEzDIs176Qx3ynXc7OzVFc7vxB8qSS6NfONPp_lfWPrPrkEFuBNhFTO5fJrhXVAW6Et4th9rG0pwkMMxHMF0iUTnDBEfJ_Bz4YkmRQQmna4nXyxBNBBFYOgMfhBoAc5QQ6-g0jmPNUo5tBP2pZqbf1Q9KMsaVEEJlOv5tGhKVa-M3FXiG7iCHFfnYCXGq_FY6mltul7jzeIypd4hBI0SWtNzYIq6ccNDqUpiz7uHG6SDwd0JgvwhahSW6IKHFpeYKnShZ-sxp8zTIfyfrRNGdoOCNmkxQw_xt-fQhzD84RlmwlR-P3u8bSDP7Bg9TQvkAuyFqSSRhYLIbsgZjS7xf5f7ZguIviCQdPWBAg_Og5xwY_fZS4czlNumw1lvU9qJnO4x-HthKeVB-ppl3tMeP1FsNNhJ8k0XYzd4DLoWz2xR3B-ITlcWDFghFHSz6P_hu2TeOZj1zt52AB8OGyVWkh7M1iRqqHDHpjbcusXM4SvEGgXAHt-BMtevmKWTxpLiOTTMDKQoXE_kPVEZNfU9VysJuA1rIqSJC_zvXdMapM08I6o2ja2JRZ87RihFmyR3OS2o6IKi-K8GOq9W-IjsUpZOQHKcUEJgMJeaHY8hdcPPPCqzbdnYA7uNEAG6UOaB3CcLMb5wp2nao9o2aIAEus54zlfL04dMNSj5a15kZV0QpbiSKyDv1IWrE-oIZyFGTUDXGdMD74AlwfNyjUR-rAE-ksp81iqxZFWl0QUBmRCM47fjMcvLW86cntoAqwWanJSYcUubuygR6bCH7ziqojnhAfrjYTh5VwETqDcgulXNH5Wejl9poxrAMRejx2tvt1cwraWhEV0mRKzWsVwThxlVNK2_OzEixufzHKLgs8qexREvjXsNyK9iQQ-pNMw7sWes1aKdGmZXzIUZMG2NzNI8MZBvQQfguoFwD2mj2znaNMVSfdEvI-cXW1ro5-ygiEytmj2X_Wus7rc0gF6okQviQZmutuuWhvM7BbaOZQjquDS3HjveFQj1MvRWkRZqyPQ_AjutNjCfSJBNJRkqUQ9REcRmi2RCpNF7JU97zS4rT4D_w-jbiRJyB8vvxTyc1wro9m7UPFyqFNYfaiWxYNTBuaVBis8oYDtLIgywVvKLgLJUiilvUV2KzkjdRGpV_d9ksLZc6-KKvU1uD7CGu5thpH7ahmJe6aXLZaCvb09zf_y1EJOKbbK2RCS1k6mib9-qArPONNonAGAyN3qEjApE&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=7374407698534579000&adk=531095043&idt=60&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 2EA9 29 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EA9 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame BC45 113 KB
43 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0650e20caafed8b318134c45e1fcb2b371616ab25ae80a05ce34bd7ad04ff0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44179
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 6003 8 KB
2 KB 11ms
9ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343450
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:39:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6003 118 KB
40 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 6003 20 KB
5 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 11:56:42 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 91 B
535 B 118ms
118ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007F6E2D93645B0631970241E403&tX=b.52&tZ=769916178
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: dd8ef56243d389be44d8777269f653fdd1df8e6fd0f6f40b24121e2efb2c6a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
271 B 55ms
22ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166090&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 30ms
23ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=441198b9-4fb7-442f-9a91-006a94315c8f&l_pb_bid_id=260dd51746caf7e4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.34022673886922306
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 95650c9d81fe1c228f5a3485392bcd4a048d7ef3142b6fe8886896a18f4d262c

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 27ms
19ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=d26088a2-24e2-410c-9b4a-5c384247d5b1&l_pb_bid_id=261afc47e15040d3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8015413393097357
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7e6e3ca2cda7602dded4601cb79552175be48233013dbe9cc61b78d89db81e77

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 25ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=4925139f-2218-4a7a-b2b9-5c09b79e1bbb&l_pb_bid_id=262dbc58352a1609&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7301058921743517
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae27969e2235dfa0c5d55347ee46055262af5ed8f06db630cac4734e3627ea32

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 27ms
20ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=dffd7327-ced4-4e21-992a-f7fbfd039a15&l_pb_bid_id=263a5f65da3ef35a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41125644676828843
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d70f50943c120adb73de29c6270d9244084ab60159bab3c7be5f362734db7055

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 27ms
21ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=478937de-dc61-493d-962c-c571f1a76c9c&l_pb_bid_id=2643095f09d4c22b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6399622487167229
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 16aab44d4aadf8ef1a74f17f0ef1430447f88dc76223f42a73630f517bd3aed1

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 102ms
96ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=123862ed-86b0-4d23-8748-8afcf0aeef2b&l_pb_bid_id=265f4d372c3612a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07455835935739707
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e110353336c27db196d1afdff49d38748b06ca8d33bdb809e1d4af0711f9e4ae

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 121ms
114ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=a544e2fa-9b09-4f31-aa83-099a974545d6&l_pb_bid_id=266cb375a1ee374b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31350289309046486
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d7b361b911f3975f84793313e0b87bb3a9968bc3db3eef81b1221f0ae4c5d0d0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 158ms
152ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=a596d927-6181-425c-9fd5-e1ddce53672a&l_pb_bid_id=267356ff41517861&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9837305212897343
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1da9518693fb277beca91eebf740b361a8bca168eb810742a2aa787b87b84e96

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
294 B 78ms
72ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=6162fbc9-6d2e-4c24-b60a-a7c013bdf683&l_pb_bid_id=268d9fd9c4f4a9ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5280292242400939
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44073ea2d6fef50d1b40d00e2c77ffdf7d9dd588a13ea79b45c5d12c47d57592

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 260
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
295 B 27ms
22ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=15&alt_size_ids=16&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=fe2bb489-e591-4459-8af7-ab5d984c6e47&l_pb_bid_id=269a9ba6a8a50e95&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45919847929162483
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: de03e97b14da79c775be2e4938e7021b8ac0bdfbfbf8dade8d2c2c00b91af689

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
298 B 94ms
88ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=433162&zone_id=2477026&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10102,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=59c1a466-5c4b-4f46-864b-cf4d59c28681&l_pb_bid_id=270c9a28973ca8f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23106429424224872
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 28d460a92f80d93d9c90649d901c93f8501e6ded8d74987c1bea0d72917ed9a1

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
2 KB 635ms
632ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

71b508240d05cc13eff98fd08fa682044ed8bd195e99b05d9f5057be89ef7050

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a2a170a0-4649-4db1-a920-c7ec70ea6b7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 214ms
210ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 81ms
77ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 79ms
76ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 84ms
80ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
571 B 179ms
176ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 141ms
138ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 249ms
167ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 189ms
106ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 178ms
94ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 247ms
106ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 273ms
94ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:43 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1323
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1687367024.609134,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 46
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6053

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6B9E 172 KB
60 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame 6B9E 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUZnP4xH0GuXKd8EAjtFXub1GlH-v1MWsUvcBhsm39i-1ek4DQ0zoomKtR3UQo3QmyTQy2_vO1_hqFnHPZrkQZZLI31oXCm3s8Na3jbSQzZm-cGGeh0EeB-No_2CMRSFeNTmR2V4lPdGWTJfpe4S2tDH8fmUAIeTGROROfAJzHlvUz8Do&dbm_d=AKAmf-BEuub1-K_tFoyyNO9TzVhjzwC4efxJh2z8BSbABAaIqzEnKchhjiYcKv_gpBut2dCpgoy0jgFOTE-9UNNC6kFrrun4KnAnV7ljJzZH6SSoeLDctWDmgTlDA4CN5sKhB1JEau69Qzj6HDhupYntthCU9r9_3HUzLlnH3HIcYXZUXMzi5xpluMKfSwkVxjCYeiT0sDXliQkLLTJP35XJEokHel-x7KCFy40F-DLloftksFy5X4n3RgHDhegYxCNOcgNhMO1Swbx7LiCynrWQr-ysOiv8LsxCn-YbD9luF5tfgi_DXIG3Q1IOprX-dCbhFHfIOAGarUlXRdmtjeqxrbLz63m775dFDpwRhZTFltZADEgDAV_bPqhmdFSeOqQSw1KJlATMMRvc3-2VoYHdTSyQyditKpr7qZjUGyVRuCwiDQnhgfd11JOdnVpgX322UEwJQpk4e5ECE9Rlm-N8RAYEyx7V30yWTrwUXzymor94d65kS84UHTR627rUonWVHZ9XtVnZ-k2EZdZRQZ3aacgGHgOB73jcLHmxbtkx1_IBM6w9eBuUphU4Rc_QCA-gVxmCPeTNwmb1hBoi_Wio_ET7EVBB3EI5c4cUsHyxLiIanioeOB3nyDYKRVzirPkuczswgHE-jD7osNhgLWLKwus-fBQ5ak4d4OxZSvy2G1IipZWCfrILxRfsyOI2lqUBcTGMzbdHkebpliDKhJAKavlyla6NzN_13p0t53hYh4aD6P0vequnTjyeTIsSLjKiWRX6iy9RcBhn-SILeLhwtt3HKJKuyVKb-Yu3V8aJEQ1Xy5yK1RK9IgPs6dA7VFBhh5WNSMSnAOPP4iHTcXkgIj-gwNhFKr7lOP5YGjrFkHB-bOPL6PS-_epRtV0Pvy34dLTCVU-vp9T3_gkRX7GElA1FVz9YLzO5Z8t4uhV7TvaHG7Kz_vfkx5ka08Z3Vo543whaK_vZHNlPoe6UtN3gEcRs2_iYQVB1te0YueNlfO2ST7orIq4TTKIqBv7ZFDKLpS8S8XkWPymC4aSMQ-pyCtIzU8axypOT-FZX4z4wmTlyLkjKDPYSlLneAnkdbl17RiqGEI_HmeQM1T2LaQiuZeFOxcieiB7GKUx0z3E0-tbzg2eu39d7hsHAuuGY_cKYaLb1NthfXVUhfDeKdGP9ifUVj6LTDHMn1_848FfS_fsU4rDOr-2Xzp2j9iSvhtoeDfH9wr0v0qD8wGA93qw-6GnjdMfKqAOq9pDqMDUkfN2hJtszyxvDm1aUlLAQPG5mG-3okdVJIxbKQcgG3EopgZsQswMDhQ2gN8UGGRYIDWjiLPYm6cdsEDmVhc-TQGVF2cy-Ch5QvQ8w_TS8MGPURJiSmFaous79xYtAtE-n6bEJIvD474x8HxlbAkL1u9WdPURREcgVx_cliBavDfmxN1T3xFzyZYXqEKqyg9TBrp1sGOjSninSLMpDFtoTXDQ6FeqZZwTmWC2KxbsVgePQ57K7DbDXHmlWr1NgH9ywlurzyIaANnGda4VHt7DNMBmMsGdn8IFIYZZ02JXj7Js_KauvgK-WQKvs6XWVKBN1vUJxezy4OyK8opsMgA2PstUjXgV6BADE21prssO83B7WzxkffM1hBYKHtvavsz547kk8kbxDMoXmfeqgwUmaJhsbEZXt3plKAsPI4NtGcoxW1GNRP2GfBNntyNgk86wvbDpjL-EXtp1654kD9LtrNXEkruMuRc2M7AyQ2_qoCBZk7uxtsGIarfEZtmbhuF_BNvbmkHHPPbC3q1PQrCfsMKJ7ksCC40qXrnRbcvd65VAGiT-3Cmx2JLoaB1OWnJ4-xsaSgkSVB-MyMQo9yz4nfAtaSCa3VflvRb4JNaY55eRzPi3Zw4IjruAZSZNa7DOL9osd0_GqPO9WK1sMixiBTaNaWp_FCRAQFVVgNvwIpUIloRQjNffUaX7iZ1u1lwA9u5OR9mxCTjE7sS-Z65cnFinVwUacOuumSD8IVPSHiXfAkjKSDQkLHnDzYUUZehwXvL2NmBA86UIwOJwFPv_Wx7h9uRD5gnz8msG4IXurWeHrC10iIkM2LvifmvFwlnC7Vb8bY8njsYTNM1G0QHhjBe7B8EnhaknOuaDvWhF0V68zVIYHv1HvpNP2SXVF07SVY85ZbbQvNgCQbIUF3RBlicH_LCybmKMtih7JUmwNlBhjm1grCdCRnwd0QPUdNgW3N4hxPdvvc5Q_ibh-IQP1X2oQf-9TPiE-sDkPvBkazM73n3r7RhzErVbO_Z-9qk--VOwFlsY-y_6TrsS571M1atZEEoxT9-RIK2xLNEkENuYARwOTEaWEjlgHl9N6RyOJyoHGRuRqSlmFv20x5Z--AGIYj_JQ5IFZeto9cLYwWe04IqySFtaieyMbzJXOrsFys4FDwQaFk1kjOkXEXJ8sTgCN9REGHHr_OT-tnZm4anBE_qdOOi6H0HFt9uYWWMIyhVnmyrCvShQZQv1qyCRDFV5ISTCxOoy9yTY5nU9p31gHAMGykcOtHut1O91DCzdsJT0Kx_NuQ9XT4QZ18sr_rRb0xViHScmYk_peoaLx5ENUkQlERvAinYx_ggtEnLOIyWWIKse4VbcIlkNgEDZyjiztibzBaxHpHPhVIpN93J2p57JLjYG20AQewcv9JaUeI9jlg_X-EnwSG838tlSxU1w3Y-icZdGVyrRuR3kafu0t7HVNvh5XVdg8MblveZcpd7k6j857OBfX3KK4HvDxUBXEhM8shK7HvzCM1II5ukkgOJ-PBg65BmLPyCQ-wbVvct6_RekWye8LVAv5Bvdu2BiWwF3YTKKcNLaVuvdxF44oKmVaWPemqnsEkkAy1xQXvwRXiyUko7UeYkzhFO8Idbfo72Xwo-vE2BcJB4tykn2Ty2os9Yrt3gYs4miTzBhknxxO6TELrR4Y1c2mS-9-CDlEZpRDBwl_rshFq6vLfumtg6S-fOFAO0g3lPUHlo0YWQv60vFzfWm8nM96f3F9U8vDe7ldEWtHzM2DW4mxDGtsQG2JrCQxkmZWkIpTVFiGNK5LmUjUyDa1UrWfMsnpKfOmXZqeGD8VKo2gPy2dMNhWAUVr72Tpv8AYG1BOmbK0xdxhW4Gd21OkKlNf3IiJY3U5OtmiwjghsXrosr_U9VO_OVvoNu9kBLPdEkSpzWzms7osFcHzaZnRdreyFbTa00Z4LorzUyr7bo9G-qs5CMCGPle362b7SeO1jyKPF977olchi-1izXF7NxGwdRKpgx5iuLjT1NU06K1nwdrnN99Hq3mtey8ZIbL-OCD3X7dkfIZgH3Og0byzQeXWU0E-VF_-dzzWeHNEcJQPUSTKeaSoxBA5i9T_9N3mxum1rSAD9jHX4ImFQP6QZeTMLvjW46gItXYgMAebKxokYbDRRNbUQWSQ3bFrd2eM7-t17naWOqc3iw-f2gXuoGTkBK5tk2FtOJHgD43uhrvFKwjSZTskbSrz39joj7XzGVkzcRdt5QehpOjWXv7fpVSqWy4cG1RZRyLRfmT_vwgyMByvcDrzEKnea_4rexa_7_01CXLHKM4uHAz1BqKVfJCto-y6LeAfeN0jAtHlncrlE_aVItbnomF3hlH8EfSOPkH54HhMHAFHG8IGzSTupObdYk81GqEmGtcSwWlEvkP731ZLsOgbf7czihgznibgZqseqs_Cl9k13M-PI7Mvhe-kI78xKYSBRXr7NWn80hRdteunEEgq3EVo10qBk8_eCbakgMX60KSN8NAs_mvRhcZXXfNd3B7wDDImmnSBqHVp3buR0G3Ih66WslkCL28rjT__B1N1mpyMdKFMZmmIIluh-YCbGwn6Z2677nJ3Rh7ez19OiF1egKAQdABxpubqUEqWJsjoKBDg5uHGZVI&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=6877162342574948000&adk=2975593758&idt=140&cac=0&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame 6B9E 29 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B9E 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C4B6 172 KB
60 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame C4B6 11 KB
4 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D3wpvkDLePHZ_Dwe0TFcYQ81C_knVBc7FTm2TiOJbPYidEnuuSbFQup040CSsukb0FzZw6bYUHcz9lykhuU57WfJKQ5Yv-Tqc_kNmetQR3flm3T-doDfecLOg3f3wZTWo5dS6gV87zCRfDZ3PH0Fz2hjyV-W7rQA_s8zsRZIUUerHIHqk&dbm_d=AKAmf-ANc0Hh82JaeIWqr80Iz0FN06fZPxUxX4IiaMJ3fDgvBo2A5mFTbsULTg4qsanZzvZNZh5ohmSrExzsTP9M087W3CBf1Rb2LxGYTcHH_-VqG0gnRXwiQfUvOmEpkd1jjIUK2NV-qb1qmTzwgwM7Ir58KNVBVszmtNV-k2u1WoXtVji63dRJdrvC9J9aQnOVeUlUl_zksQACSdZKsqGWi-5oEXFj1Anu2mHnxCVX1uEvlIvEicAYFL-Y137I3rrOLSlGca1_y8_l0yHnN-f_ES8OFi55qPKd17kstrsWkUe3eynYxPbQNMjzwMtnLvCCKQL2-yCWrixtvoq8vhw5jDzJpx_rP5W1FTEbtDMZjEfoquWHUYjhcx3SOH2rsAWRmeeqy2p5c5xWfLOO0YORBWrjLW6MdSC-lKzTLTvN__fZpxGue668pHNsQwEQScNT1Q3o-iQVdNrFugSj7znrCwlYIT0owqbNO1FsMf3i8INAMo3_HYExTMw427UGPoa54OGDGbLuhrBGXcFgwTquU3_YDq5DjCJDPFaN4UfKzF6B-SZ6t8BOFXRF6nG3O9A1IX4aBiZu-eW_FyKO7zdYM4gkfEf_owfpvnsxOmA9SpP3MdZXh18ny0kO61918isbJY5P4NDYp9sDLcqbtfep4TdV87RNDHkxOlpRvG3kq-BhQYjm5zbq-FZCYMDb3qyxRRDg2HqReBLok1XoBfHdIPz9abC2XPSfZCN97gPnyslo0KDGMUbEnJnnm4QW4C0rWoMH1BZRSGogQXGz1ohSxYOy_fmVsfPeIDip58HZMXPPKpSSKcYCG5QS9Vc6daCEGy-x2z7hc2gqchiWgAfks_HuyLXHkProisg7Zci_jfeFptQcQYRelKW4cMuJM8rL4F1XMWNzqD-q8vAswrz-4rRe1Jb6g1SqHB4-hppPTMr7ydRHF_tLzAfK1aqjXPVbMh-ewB5OL-mC3tdt3j6jbwFIxmQRQC7Y040-NXd7AB2K3sEc3m9i_WF_jxuLNsaRYfVRYwwAQ-NLi28bqJfK6Tj_NLgR4hguaVl9eRWajYwSIstg-wWwSkDslaIHRg1fdUl4GqGjGH447J7VS_kgnKoNi2cWQO78AkANaEfrIiP5yx_y7C32zS0nlM-MC9f2-fnxQnByK6YqyKoR7imv2vBVXlOZqIk9niinpapCZja7TXuC_NFQQrea_--nGdEQtnvOTj6rKAKHcMpkEwa9EcO8569Yz7xHQKUcP6J07c4o6OCsSF1pXqL1O6ni36r-H90FYINzusKXWGBpCkCMOtUbRty7f80QpRvlV5beB-JgTKo4HRWtomGyrXxMvG9MVVAS6RByMIZLAkt3ZjJfuKLvWY2AW0BsU5TzC80m2wz4iDuhaIgW8YqkM-o0xQjtRKbeYFgoky68Im1CdNAST2kuCqMCo9AuAsVYmhM81lR9wWFzpMqJUomLFluUl8hiOKjdpjlNcg4j8uDqEVoQWGe97lXwSFm_IhcJNmfhX4lwG4lym-iwQhX8cvpi_VBE59wx3DMMkAbevsjqHQEjgJbjr-8igdmAg-Jk0x91YM_rW7LQq66geDg4ep00LToLSOy6gT_QkoRk-ifnFUOqCedckSsn2cUeW0AhrW2V3dbZTfQuTywmu82-D2u1VCnY4CH7J42BjGwFy7mS-DtL_GKUwNl7Vh_CT9eB2KGGTqAnla9IAXZl4_32boKb7A-O8uskvRGssK0XNXWnoCH4avewyTv_0gQUjcvGvCsZWWBjzoZL3YRpDMn1yjknejyzFzFGlcccWqq6AaimnNndd0B1ZgvBCayXNZype19KgcD_d-VN53gys1HXzjvANrMS-EI1cvyhsMHJIzGpPxK7ZjE35AnolE2XtD-hjuUh1Kc49Cs4pMTVLv-pUbxJUIaXA4B-IgbbTLILiahHUPZRKDR_IVsr_QrHO0UvtneDnjR0VBl134h-Ge2b32BgsPx6nt5Cu3ehu0eOEhosgkAm8LsE7lmPX5ToMpI24-b_DCphI7I4MMqIqMljtRyos9AZ67uThvCU8kfcfPLl9QKoP0mntuFHSO4gYP92bq8kj7y_S-h5VvdrfXhogtPHkn23DwFUac4XzVWBS8ZWDTEaI3OBNKnFu2ySBwWtMGJVnWOkdtsj7lCDtWNil9aI6PecOdYhcnj4S9aKPtvVEYZpmQUt9upP3sQQD5atqRgcawZf1i8z_M7n9glg_qwYb9wJ8EPouHH4_bOriigjibtYExXBOP4vwTz_EZcfiqIIpQa0f1zxnFsweoxBzrXZBjd1W9QKdFkQZCnOoG9uLpKgJJ8rNt8bEvzxiAcGqnPDT4kNSrCsPFUyXIsoGUwOc0AoAe0bgOCEH_H42_0QEWYptX1LawLNSz_FYKshfCJBM27f2Phc-R1DlHLjOLGYchRqDnWDaK8eX6gX2uNOp9sFPNGNWJvNICkzY_zkywNqguzO_eCbR1JwR5KI7XicWMCbDnjTOJKO6_0B0a1Ns8ELsOdX4Jr2hDeC78DgrfwJl_nnbK8QMLDeA2zVf0g5P7AGi2dAL75EpcfmLfNP-GwUxExdKLZe-sgcyjX6Ku2ZBfNEkgJtEKHgY_-6cynSfU1tX1JSeuxO_YBDdeGTffU6XJwGxQRv2b9atkMYaGX5mXGAP4eyGvHuT733Ic_vYHSoY9DVocW5D0MCLCrhI3d8JtAcbWeRMz0BEZDoYyQGPzCx9FiGihQBf5xnSLhQa4bCnXpt3sczbYLXp8AgvPQH6n2IB85tR1JoEgZ4JABkKfR4pWdBtOwwrdw9Tnx6DpA_iidSRtaiTzQ_7WRTz9DuqJ-3FjQV23TKBn5PzcDADyRlJYLKGrqtSnAzUFjgJe5vrUnBxVaMRDxdX94hsnsZ8dswx3xSTxQxyxnPWUcaiXOxzSyV22-xUQVL_bFNIy3YCsBGSQmtgX3-0REHV9WqeYn4tXFeNrqZHYvuODXEbkj4rV0OiMIjrtXUBH9PGcB4SIaU1wlul-zvxgCVz6vVNAUX7mdbMr5gyA4wzOlzmhgwj8Xke1ppI9ErqKvikQOdNZUSu_WucctgXOwvIKy9eQOBmwiADpcY1gPtBQ_cvyxURG5X-ekOQtu8K9MlgzdLCCQdIAnAYIra5GIx4T49JPjRQhzCA2JA5E4eEIzKk5G7AL0aRYJEoHUrMCtpEVv_qyrzHFS6PLXP92pVo4SIiO7EHEZav4Ibpf_4VDaz7Qk-C5HOIQfMt-8kF-0d94-Wc3g6NRciP-PLvNhuqemFr8MCZ2tCbQiqcVbeFBrsXx_UUuwgiScn8VYWLVWdRDnV5OAcvWU-XVnUrgKlUZKOv7hh0W18-wzxX19krC_Qtcy8BwCIvjoCB2fW1EDjKlEGwJxAVjjZ0_b46pPAE4NuKTTt6vp5AGCWMAeAR5G8-W54x6eqxJ65R_o-0Boieg9KVcNZeUCpb5BMNQBv5BV01zIgxVy2DR8teIQHOWrrBlaDNjje_0IfM03ujwqUfCX-ljp2gpC7uD4cI_rgy_P3Rwchsm1lAERMIg6MrGuJs6tkZUBkIpA4VullFKnPhA-a1w94cvCan3aw4YP4RKIc3IwFichnXnHpyAb86nSy827_XFusTLpfocFwJp04SSv9eHX9BwngDAMLN26Z0AQf8-2r7xr76WnwRaHXkcBtmrOisgB1S8kyOCEQla2QpumDMLYW_PNYFIDX0nDlZDfGNO10OYgQc-7jsVCuNtLBpgJ3vvNXEoPzkIj-CEkjvVlqH4BIiqQsVy4YmKpCL3p2ongnPgnEZ-IbORV3Z3bw8TVMD8pFPp80vnj9hkSSf_Rulp035TJHP-erW2OXEbKCaiC6pAwAr74ZPuZCq7xcPa8qBpI_Mug&cid=CAQSKQBygQiD8G9ZERdI3gx4sTb61D2vxgcxIggHpiioKdnGVIwq8AK46cCDGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=636309029302438300&adk=72288713&idt=135&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame C4B6 29 KB
11 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C4B6 41 KB
15 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 369629
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1687367024.732152,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 22293

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.8/ 446 KB
84 KB 11ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47e46aa045a0a89ae2d14c00d36ceff6b48f57d7cb97a2d2cf3c8a5104ecd3c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1687270929
date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: SYQEZNHBECM6DZ2W
age: 96027
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1687270945
x-amz-meta-mode: 33188
content-length: 85240
x-amz-id-2: /AAcUqM8ITuEzkkSF02nRT2kztgrl5OS/zSYfbXDEtYYgA9oCATHGv28x+Q0SRuPfX7jdfmnp1U=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Tue, 20 Jun 2023 14:22:26 GMT
server: AmazonS3-br
x-timer: S1687367024.743949,VS0,VE0
etag: "50ad89b6adf92ddb2420b70717dc4b38"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 112841

GET
H2 200 sync Show response
am-match.taboola.com/ Frame F5B3 439 B
524 B 16ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7973970cd66842aded3eea6392f3aad4178f1c2981d7bb482f3a92b4ebed8f4e

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 21 Jun 2023 17:03:43 GMT
machineid: 3401
server: nginx

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 9ms
8ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-meta-mtime: 1498646328
date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 889827
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1687367024.763406,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: vbnBTgjpYmQuFPbzfD0-yAvJTbOfGQqRDnsQq1mhb0dufrsnA57vrw==
x-cache-hits: 11112

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
911 B 9ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 2533244
x-cache: Hit from cloudfront, HIT
content-length: 701
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1687367024.763406,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: pOmHu0PFPRvpPmq7tI9R0y12gAe4yDWEJtp3kgIGYE4CJp3GgKOJBg==
x-cache-hits: 11451

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 8ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 889828
x-cache: Hit from cloudfront, HIT
content-length: 709
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1687367024.763377,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 1JYTooIZAFe6ntub9Ov709Ze_00RnxQMFAEINZGQE7UG23mzWRv8JQ==
x-cache-hits: 11633

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
900 B 9ms
9ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 91c2aa7e3369a817b01aa672c72e5ba0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: JNB50-C1
age: 669203
x-cache: Miss from cloudfront, HIT
content-length: 634
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1687367024.763845,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tpkfj6s5WrpGRgaAkTGoH-mIoyNBawru-OLVieZi3MqT1lfvXLde4Q==
x-cache-hits: 11318

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 889829
x-cache: Hit from cloudfront, HIT
content-length: 660
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1687367024.763554,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: I4m3s9qwBZQrMRzXUnUyXvb86UZf0Q_oDkRPYEUdpbQyHdU81eXaEw==
x-cache-hits: 11348

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&cmcv=&pix=31579697&cb=1687367023755&uv=3288&tms=1687367023755&su=&abt=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-length: 0
server: nginx

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 8ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
via: 1.1 varnish
date: Wed, 21 Jun 2023 17:03:43 GMT
x-amz-request-id: 41T87VQBM485K9ZZ
age: 108
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: ndKofreHY+DbyJsLd0gh+7P/+pMxzJkS5Wugtomj6Vj1iREtrRSoDG1RLIr9flqgswnG3SUhoXA=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1687367024.764879,VS0,VE0
etag: "11d8569a7da0739259e3ac0b0d666e94"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 1
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 30

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 773C 0
150 B 36ms
13ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=14047100088712104444978012362014&a=98bae9e5&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=14047100088712104444978012362014&a=915b2bc3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99C3 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2EA9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7ef4122ede36edd7be87b56ba3db970e3c0cb051a4563423bbfdab2bc696c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1666 22 KB
8 KB 14ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5886 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal900012.redintelligence.net/ Frame 8F72 2 KB
1 KB 120ms
80ms Script
application/x-javascript 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5c88e03abc&subid=&uid=b0c5d076b7c61a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLZNTbS2TZJS9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QXrdcytEbzF1JY2M1xHmiJBUL8ReBmVoFMlYtc8vcL3EruFPunlOYKjW0ybnB_iHpsikda33m8_rqDsM2YpSm7RtllDoB6vSfUKl9fuCNzS6bMbPBKhJv8pDaqvBC4pFncU_QdF8M4VqzsOEcb17zZVEkNcwtfTEGOfLy2SKrra_zyKHypzifa8wgiIRyjUNyzmmKm1VBhrSEI4uRNJHu6Kmwn8O1juKLVs9B2I8zumti6x8rSV4L-kmWy9XMiT_91MIf85LHReb99s-tWdc_qPM2NE9S3mXDRbWuMyEx_IlI4d7NcoIPJFsLUQufDRY5nbH2yB7I755OPRwBddhxETB6SgXN5vkRhKs5tRTDF35g7WVmueOBcM_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0XKIYe8XAz4PvqqvFZ93Re-R4QIQ%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-DYSjJr_VaRDYPZSSDJOGgKi_S6wQkFkvChGvmWJ-3cQYzb50qC_dvkzonFxQoXe98wnwsTtJC_VD9CSQhEg30tEz1BPGWupWWOCVNT8LwxVkSIy46awAFjF23walTWcY4fywy-KsBY4AgH0fxEv5_8yjrPHjAOG2LvuL3EG0hK7pqf2Lg%26cry%3D1%26dbm_d%3DAKAmf-D3ToacVBzmNWqwKi9XdgZJrH4y8Qujsh-tDBn4IYC6hASKydz6IA3DaAPrrd98nvNQRqM5sSMPIFs7Sl_88hleuz9evLJauExLQiCFDdUYz-4fYP_r8C9Z3YpsRENCgTMUUGyhUKfVB3yNZpXJcc8zOCDDJAB-mnX5NAQC0Cr7OlqpM_mBvO9i-Uddc4LwAywjJYRjRRgaRIPaD7dmr4WFQ8XbCc1jTh84Vy5--rTcpTwMELNaUXJDnZVeQClDmX4lGSv4ym1X1DZkuVPWUSJ4BdcthylRxEbz7JTTJivqFQXzwr7Su318zf0wKmUNi0GTbVu0MUKB0autEwiD_OSX7bC_XX1U2WW2Y9QBsiETCAe6wBn9EBjCbEHkaiSRC3FjrRNDy_S2IRMbzN0QJnS_dZMM7NEtuypw5-zM30W4sDF5wSnxyJiB12KyPwtRHgpf3I_plbVnoqI0DXfSrsQVIVLB_oFQtZT9ZiCrINwSonqPLw6rNtfCwMCOMraDX6N2XQlcSvvhG5XkBZB1WswOrX2Ckqa-m2OkEUWVWknxAFlhHkrIRBSP2Rrkfk26Vk0gtFUa%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=5694091995880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515732&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLZNTbS2TZJS9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QXrdcytEbzF1JY2M1xHmiJBUL8ReBmVoFMlYtc8vcL3EruFPunlOYKjW0ybnB_iHpsikda33m8_rqDsM2YpSm7RtllDoB6vSfUKl9fuCNzS6bMbPBKhJv8pDaqvBC4pFncU_QdF8M4VqzsOEcb17zZVEkNcwtfTEGOfLy2SKrra_zyKHypzifa8wgiIRyjUNyzmmKm1VBhrSEI4uRNJHu6Kmwn8O1juKLVs9B2I8zumti6x8rSV4L-kmWy9XMiT_91MIf85LHReb99s-tWdc_qPM2NE9S3mXDRbWuMyEx_IlI4d7NcoIPJFsLUQufDRY5nbH2yB7I755OPRwBddhxETB6SgXN5vkRhKs5tRTDF35g7WVmueOBcM_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0XKIYe8XAz4PvqqvFZ93Re-R4QIQ%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-DYSjJr_VaRDYPZSSDJOGgKi_S6wQkFkvChGvmWJ-3cQYzb50qC_dvkzonFxQoXe98wnwsTtJC_VD9CSQhEg30tEz1BPGWupWWOCVNT8LwxVkSIy46awAFjF23walTWcY4fywy-KsBY4AgH0fxEv5_8yjrPHjAOG2LvuL3EG0hK7pqf2Lg%26cry%3D1%26dbm_d%3DAKAmf-D3ToacVBzmNWqwKi9XdgZJrH4y8Qujsh-tDBn4IYC6hASKydz6IA3DaAPrrd98nvNQRqM5sSMPIFs7Sl_88hleuz9evLJauExLQiCFDdUYz-4fYP_r8C9Z3YpsRENCgTMUUGyhUKfVB3yNZpXJcc8zOCDDJAB-mnX5NAQC0Cr7OlqpM_mBvO9i-Uddc4LwAywjJYRjRRgaRIPaD7dmr4WFQ8XbCc1jTh84Vy5--rTcpTwMELNaUXJDnZVeQClDmX4lGSv4ym1X1DZkuVPWUSJ4BdcthylRxEbz7JTTJivqFQXzwr7Su318zf0wKmUNi0GTbVu0MUKB0autEwiD_OSX7bC_XX1U2WW2Y9QBsiETCAe6wBn9EBjCbEHkaiSRC3FjrRNDy_S2IRMbzN0QJnS_dZMM7NEtuypw5-zM30W4sDF5wSnxyJiB12KyPwtRHgpf3I_plbVnoqI0DXfSrsQVIVLB_oFQtZT9ZiCrINwSonqPLw6rNtfCwMCOMraDX6N2XQlcSvvhG5XkBZB1WswOrX2Ckqa-m2OkEUWVWknxAFlhHkrIRBSP2Rrkfk26Vk0gtFUa%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 2baff115945cf8cfd43baf60a4f4008c917fc5ab6113a2111d02faada372775d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 83788000101226904444994012362012
Connection: close
Content-Length: 803
Expires: Wed, 21 Jun 2023 18:03:43 +0200

GET
H/1.1 200
OK request.php Show response
hal90006.redintelligence.net/ Frame C65C 2 KB
1 KB 129ms
80ms Script
application/x-javascript 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=06357347ec&subid=&uid=eb3cf338b9c0a825&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsAeFbS2TZJa9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qgd_tEGKFlctgRsfqNLXaTUl_vj2z6zNYR8Zkkaj1GxBQ072qf64yOkWFZQ243VmzzRiarACnr7AuyMdfEQ4-IgLOmSwSBtpp43WiVu-y6Hj8cWWyZjkL8m2UNmqaBGj-pds1W42wKcn-KqR-pRwS5KR80Xhdk1GEGqr4x_17HoyIMxKM2ROMZefXhKq6q0s3mpmtGj0-ykd01Md_ZGeZ6blxdcEquPeXjrXju-YQu-ZCoXz6pr1PXhcQGRSkrY7AK65izpPorVGGaCS3B20QDpcpuVQ7gOoDkNxl93T8ZOn1WwUSySUIQuutqYv0e_d8YnP_9NVhQlQdfADiVorWQavkFZZLcnW-iW84vtINc57H_OxGsWcbKYzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1aclOOU8yXsXGRpaec5BnRfFapBA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BGJa8VXM_HhIjbAfJp_-UIGMdw9dfYCFTDlhVM2sSO0M5jVMqTb-aBQiQ5OjEW75G7GsvJosv9RgmLxMgv4hp12SOxpH70gBiYsEKwYufmTESC3YDMDZHgegc9LmHJFocdNMu-sDrozaBLBHwJdmjVKAVozhb_5TuX1esfStoq8Iho-x0%26cry%3D1%26dbm_d%3DAKAmf-BIgVhcRWQeEYgDPXPrHtx5M0dESQK8OxXAYnIeDJdGJ7CyruzajZOITfutAQSWBiuOuTGRk4WnbB3o2ta89b19frgkU34T08vzROejSeDbeS0PPG8AHfIOVKK7HAzcmv7ICXG0RwzaPKyXlSsbuK-5MkewPSI2SbepKeKEI0ZuOBSJxSorxVsEZ6Wq8tiapbbMFiObBleFPMbfRdMC2Cy-oMkz5NiSQN2pN0XBlHCb0buR5QrxcxCInUEka3iJxR54HdSHVdQ8SNxjaBnlOKv8MuYFjj2e1vqbKToxAeaVaawWAbHuWlejwRtqxSx882YQxuWaOXCwIoenhb_sxFNL2l5_ZSHsVIoVH125ChtyyibuFNvs5YlbvZRGAX49fnr5byMLmuo3QJPkQ9kcOd2TzSXfxCh4pLhEEuBuGNjsdj2XyAOHpZ3bVrpO5IagtyJaPN9NA12r3BzlTiYoBx7ZnkQTFoFOgp8HW63Qxy8nwkYS9LOq_U1GRCkk4ezlZ9WLtNqHEoN_GawQ-dAGXTIGofZSpSRkMamQXL0y089QwYdjyyOTTdWEJbYN569gwRCBYhlG%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=6779669363022&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515734&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsAeFbS2TZJa9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qgd_tEGKFlctgRsfqNLXaTUl_vj2z6zNYR8Zkkaj1GxBQ072qf64yOkWFZQ243VmzzRiarACnr7AuyMdfEQ4-IgLOmSwSBtpp43WiVu-y6Hj8cWWyZjkL8m2UNmqaBGj-pds1W42wKcn-KqR-pRwS5KR80Xhdk1GEGqr4x_17HoyIMxKM2ROMZefXhKq6q0s3mpmtGj0-ykd01Md_ZGeZ6blxdcEquPeXjrXju-YQu-ZCoXz6pr1PXhcQGRSkrY7AK65izpPorVGGaCS3B20QDpcpuVQ7gOoDkNxl93T8ZOn1WwUSySUIQuutqYv0e_d8YnP_9NVhQlQdfADiVorWQavkFZZLcnW-iW84vtINc57H_OxGsWcbKYzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1aclOOU8yXsXGRpaec5BnRfFapBA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BGJa8VXM_HhIjbAfJp_-UIGMdw9dfYCFTDlhVM2sSO0M5jVMqTb-aBQiQ5OjEW75G7GsvJosv9RgmLxMgv4hp12SOxpH70gBiYsEKwYufmTESC3YDMDZHgegc9LmHJFocdNMu-sDrozaBLBHwJdmjVKAVozhb_5TuX1esfStoq8Iho-x0%26cry%3D1%26dbm_d%3DAKAmf-BIgVhcRWQeEYgDPXPrHtx5M0dESQK8OxXAYnIeDJdGJ7CyruzajZOITfutAQSWBiuOuTGRk4WnbB3o2ta89b19frgkU34T08vzROejSeDbeS0PPG8AHfIOVKK7HAzcmv7ICXG0RwzaPKyXlSsbuK-5MkewPSI2SbepKeKEI0ZuOBSJxSorxVsEZ6Wq8tiapbbMFiObBleFPMbfRdMC2Cy-oMkz5NiSQN2pN0XBlHCb0buR5QrxcxCInUEka3iJxR54HdSHVdQ8SNxjaBnlOKv8MuYFjj2e1vqbKToxAeaVaawWAbHuWlejwRtqxSx882YQxuWaOXCwIoenhb_sxFNL2l5_ZSHsVIoVH125ChtyyibuFNvs5YlbvZRGAX49fnr5byMLmuo3QJPkQ9kcOd2TzSXfxCh4pLhEEuBuGNjsdj2XyAOHpZ3bVrpO5IagtyJaPN9NA12r3BzlTiYoBx7ZnkQTFoFOgp8HW63Qxy8nwkYS9LOq_U1GRCkk4ezlZ9WLtNqHEoN_GawQ-dAGXTIGofZSpSRkMamQXL0y089QwYdjyyOTTdWEJbYN569gwRCBYhlG%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 23ad2826d08e47ac97b52fd6668c204603bbb78ff4da83fd0173d4ef08ee8524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 12995600088354504444994012362006
Connection: close
Content-Length: 805
Expires: Wed, 21 Jun 2023 18:03:43 +0200

GET
H/1.1 200
OK request.php Show response
hal900013.redintelligence.net/ Frame 5AEE 2 KB
1 KB 120ms
83ms Script
application/x-javascript 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee35dceec3&subid=&uid=69c2140d3d6b1e59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9kjqbS2TZJe9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qg-WyXmMaSfRguCzqXLL7udFKGCNkBwzL1jfl7k7NqP43_I6QT45ZSY-RBQKU1xukMkLl74VYN-V0WuLhTzYFd_wJR2UZtsXPsfH5NqeBNyNfMTdrCN99rhXbj2EXqhe-5EgX5LJLP3HICpuCiet0rohX7Aagh0Tgg80-gx9Frr9Kle-LAZcKhr6UqCvV747Sfwmq5LutvaagoBh-gFTtNuO218aQzS2uCwVnY2Qf13dNd7HGQit42J_rBaGv8aL14t0g8Qdt6_oHzmGLGwiMelJBdlVkadLhY4y4bAh0W3QoAbABIa76iXeonGG_N0l0M_78B7Tv4EW7wAmXknxcpCw_z8Gde3UQQf0tZbEPz-3XX_p_hI76i0_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0rGe1bPMRkpeoKoVth5Wfbkgy96A%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BJ5oTs_Nn0DIXDt7g1VA9oaNPKRwHCjGBZNyq7Ddoq-l-gt03vm5l7RAk9EbDBGGzSUuQIOxv2a5eRctz6eU0TCBhzfY1EU9zvswKZypqKHrYrrtjGmcTQSYHsiFAiQ9_iKUp0j2WxW32px-Pk7lAVWw2dS2-vdHRqUXIYpLc8ysvfryk%26cry%3D1%26dbm_d%3DAKAmf-BaJXltT9SJ5wwioxd9fw4Z-tHUsE9B3Oz1E3Y_FWeZzXpxMdOLxiZtm2i-YLpp3Pky0v2scc9aIkt03CQYYCRgMCvGUt4aEe1y8cv3ZPtC1vmJzJW_zpSmfW_Mq-5KZuC78E0Yve0hRuxOl8kBKLLo44TACh4IrVYiN-BZ907rJMgGz77Yb4f20MKL4gDn-jzaW9c-ZzauUdexFXyatkluTp3Sapb74LnEHfhkTgxayDrFv330RtFKt4sJpn3fytcfY6kJPYn4AYoNzYrNok3_-xZxTEDbXivEHAbxxbVFHjfZ4F38MdOIq9Ggxs3dh3VBkqXb6YE99ZrIW1-mmOnclkc34Q38Io5X0Ua1GmIvENdPVJMDXTExIeZWztUcrRPHdqQm23eDaZnKE2xz8znfP3-ofuh887r3zYbImBEMM_Vs2OEZikot1RHjjR6D2NvCHfKgYtIu1-kSI-a51nGbezrOBigNuYpDOuRgGvWOtx_HtwX4LAlggIVj9sSvJ10wBiyn93pk3_TRJ_MMTHE233684JA24Qli25dIBCFM9yHwjQu5uQGZ8bw-YN7e55uq7Pin%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=788158010167&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515735&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9kjqbS2TZJe9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qg-WyXmMaSfRguCzqXLL7udFKGCNkBwzL1jfl7k7NqP43_I6QT45ZSY-RBQKU1xukMkLl74VYN-V0WuLhTzYFd_wJR2UZtsXPsfH5NqeBNyNfMTdrCN99rhXbj2EXqhe-5EgX5LJLP3HICpuCiet0rohX7Aagh0Tgg80-gx9Frr9Kle-LAZcKhr6UqCvV747Sfwmq5LutvaagoBh-gFTtNuO218aQzS2uCwVnY2Qf13dNd7HGQit42J_rBaGv8aL14t0g8Qdt6_oHzmGLGwiMelJBdlVkadLhY4y4bAh0W3QoAbABIa76iXeonGG_N0l0M_78B7Tv4EW7wAmXknxcpCw_z8Gde3UQQf0tZbEPz-3XX_p_hI76i0_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0rGe1bPMRkpeoKoVth5Wfbkgy96A%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BJ5oTs_Nn0DIXDt7g1VA9oaNPKRwHCjGBZNyq7Ddoq-l-gt03vm5l7RAk9EbDBGGzSUuQIOxv2a5eRctz6eU0TCBhzfY1EU9zvswKZypqKHrYrrtjGmcTQSYHsiFAiQ9_iKUp0j2WxW32px-Pk7lAVWw2dS2-vdHRqUXIYpLc8ysvfryk%26cry%3D1%26dbm_d%3DAKAmf-BaJXltT9SJ5wwioxd9fw4Z-tHUsE9B3Oz1E3Y_FWeZzXpxMdOLxiZtm2i-YLpp3Pky0v2scc9aIkt03CQYYCRgMCvGUt4aEe1y8cv3ZPtC1vmJzJW_zpSmfW_Mq-5KZuC78E0Yve0hRuxOl8kBKLLo44TACh4IrVYiN-BZ907rJMgGz77Yb4f20MKL4gDn-jzaW9c-ZzauUdexFXyatkluTp3Sapb74LnEHfhkTgxayDrFv330RtFKt4sJpn3fytcfY6kJPYn4AYoNzYrNok3_-xZxTEDbXivEHAbxxbVFHjfZ4F38MdOIq9Ggxs3dh3VBkqXb6YE99ZrIW1-mmOnclkc34Q38Io5X0Ua1GmIvENdPVJMDXTExIeZWztUcrRPHdqQm23eDaZnKE2xz8znfP3-ofuh887r3zYbImBEMM_Vs2OEZikot1RHjjR6D2NvCHfKgYtIu1-kSI-a51nGbezrOBigNuYpDOuRgGvWOtx_HtwX4LAlggIVj9sSvJ10wBiyn93pk3_TRJ_MMTHE233684JA24Qli25dIBCFM9yHwjQu5uQGZ8bw-YN7e55uq7Pin%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 60f3a44d824e32d32acca30d7cd600f6e81abd775d6dffba33eaa89330344785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 53618800118183104444994012362013
Connection: close
Content-Length: 805
Expires: Wed, 21 Jun 2023 18:03:43 +0200

GET
H/1.1 200
OK request.php Show response
hal90003.redintelligence.net/ Frame 1ABD 2 KB
1 KB 119ms
79ms Script
application/x-javascript 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5103db1922&subid=&uid=9f5e1d029d3ec3e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_wY0bS2TZJW9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QzG2bVJfT8_fLKNFIWWz7McQKH-xhYDNrV5Z6yxjP65UFiBGYYaaXgCmNG91_ZEsg48YBx6MepEaVPjgvPOc_173_ydQicuguDRGSlxwLIh2r-w0_xkwRXPhV-kWtVPfvkl4BMWt7xFDfQhIPgTNNL-MSuVn1XdHgOb_qctjJzPclvkKSoPrVxKw473Wk7A8f6hBbwZRKV7rDfMi7uODQfhYPSYzQ-H1KLhIAS3wxJzap_nnHUHsUcI7DWaCnN8WEgNF8KBlMti_KUvn6dE-ifL95CNgmBZ1NDOLdGRR8SMaX4412-RAFJm-eBvVC8i5tD4csUDQo5RSVIMNnBGTH3eQjn_Er2QjTm0ajNwhQ5KhiAKTGykgUfTPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1NLGiTc6Pj9hv-upLqet1bVd5srA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BZMvKOeaaP2wCJvcB9ZadZLKUVvbsNA_rTwZdfMrJoI7qQ-Pgdy48gi7uVIae47ySsSusldujGlmFjsOQNPByKUPjma7oPMW0p9TL45SBxjFfDhiOyYtjFP8FyiLu53qrepeamP-kv3mvJan5NM6Xw1-o5jSm0XLmpO2LputSklfQZaIU%26cry%3D1%26dbm_d%3DAKAmf-BNOSIm8HA07v0QxtSYOAsIkyMoQQBYXWCCYPDH9yPnvlXN2nJQHpLeig3rBO57dwpHqFXq5lH6kvOgXlNnprRDg_Cd4m8oVG0gK4FuoKAU3-K-7smSoILJZx_bptXgvgN4YCJBb_7bCXWKioZpOfoaeEE7YznQ1aKg4SbNPDeCItyNvctlatasEIzeWk8pPLRfbmVSPiEE41oi0owrKG7ZkH9iaoyBcf6ZXhnTjBAxAos1OMy0AY81k7T_gocICBYx-FMzwxqx76CLlgO6ZBJT9HssfM5DlKXVDTT4GsH9DnDzidpX3WXZACe7v27lQH2MYk-e_tz2CdKUIS7NgoxHXPY-vbh2fqEMAK6gbKyjxL7-sdQyshAgIfDqFHbMZkJBFRldiNOlPdK7mgqZO3Rfl5dJp1lsFYWklezIHKPVxNSyxdKY34zXnOuIYKDgX3PDYgosKSWjbUQnrQor5Xk4aBq29JthWjk4_wL4cLO9KvxomPhSMDDPRsdKvGTpTnd3RoUfdtB0LZtzZUOCl22SDKFb0olLMzQsMt8Oy8IOD8kkFV1qcxc8Pl1EsVY6CbUwGUHe%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=1206522911147&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1687367021515733&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_wY0bS2TZJW9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QzG2bVJfT8_fLKNFIWWz7McQKH-xhYDNrV5Z6yxjP65UFiBGYYaaXgCmNG91_ZEsg48YBx6MepEaVPjgvPOc_173_ydQicuguDRGSlxwLIh2r-w0_xkwRXPhV-kWtVPfvkl4BMWt7xFDfQhIPgTNNL-MSuVn1XdHgOb_qctjJzPclvkKSoPrVxKw473Wk7A8f6hBbwZRKV7rDfMi7uODQfhYPSYzQ-H1KLhIAS3wxJzap_nnHUHsUcI7DWaCnN8WEgNF8KBlMti_KUvn6dE-ifL95CNgmBZ1NDOLdGRR8SMaX4412-RAFJm-eBvVC8i5tD4csUDQo5RSVIMNnBGTH3eQjn_Er2QjTm0ajNwhQ5KhiAKTGykgUfTPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1NLGiTc6Pj9hv-upLqet1bVd5srA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BZMvKOeaaP2wCJvcB9ZadZLKUVvbsNA_rTwZdfMrJoI7qQ-Pgdy48gi7uVIae47ySsSusldujGlmFjsOQNPByKUPjma7oPMW0p9TL45SBxjFfDhiOyYtjFP8FyiLu53qrepeamP-kv3mvJan5NM6Xw1-o5jSm0XLmpO2LputSklfQZaIU%26cry%3D1%26dbm_d%3DAKAmf-BNOSIm8HA07v0QxtSYOAsIkyMoQQBYXWCCYPDH9yPnvlXN2nJQHpLeig3rBO57dwpHqFXq5lH6kvOgXlNnprRDg_Cd4m8oVG0gK4FuoKAU3-K-7smSoILJZx_bptXgvgN4YCJBb_7bCXWKioZpOfoaeEE7YznQ1aKg4SbNPDeCItyNvctlatasEIzeWk8pPLRfbmVSPiEE41oi0owrKG7ZkH9iaoyBcf6ZXhnTjBAxAos1OMy0AY81k7T_gocICBYx-FMzwxqx76CLlgO6ZBJT9HssfM5DlKXVDTT4GsH9DnDzidpX3WXZACe7v27lQH2MYk-e_tz2CdKUIS7NgoxHXPY-vbh2fqEMAK6gbKyjxL7-sdQyshAgIfDqFHbMZkJBFRldiNOlPdK7mgqZO3Rfl5dJp1lsFYWklezIHKPVxNSyxdKY34zXnOuIYKDgX3PDYgosKSWjbUQnrQor5Xk4aBq29JthWjk4_wL4cLO9KvxomPhSMDDPRsdKvGTpTnd3RoUfdtB0LZtzZUOCl22SDKFb0olLMzQsMt8Oy8IOD8kkFV1qcxc8Pl1EsVY6CbUwGUHe%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 14253c696f701bab73c8a9515a303bfca761284ee7c89ba828bd6a3d697ab74d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 36092100092016204444994012362003
Connection: close
Content-Length: 803
Expires: Wed, 21 Jun 2023 18:03:43 +0200

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 385ms
384ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=227302566722832&correlator=3619032242439894&eid=31074824&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=21715141650%3A1840275%2Cdesktop_horizontal&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=19&adks=994353144&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww%2Ccorreiodopovo%2Ccom%2Cbr%2Cwww.correiodopovo.com.br%26pathname%3D%252F%26placement_name%3Dhorizontal%26secom%3D1%26tier%3D1%26requested%3Dtrue&eri=1&sc=1&cookie=ID%3D24374c29096ff7d2%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZatcUSJN77lwWveC52MzCRo6eHAA&gpic=UID%3D00000c326f282931%3AT%3D1687367020%3ART%3D1687367020%3AS%3DALNI_MZDvftnhDeWWJVkCY6Fap_3iNVKIw&abxe=1&dt=1687367023848&lmt=1687367023&dlt=1687367019376&idt=1063&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=246229871.1687367020&ga_sid=1687367020&ga_hid=792804722&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1015b9c836089217f1a78686809d9445372477223e6c1703d143b71cbaaa10f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11661
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4DF5 22 KB
8 KB 11ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C280 22 KB
8 KB 10ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1703 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B9E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843e871d9460dfabc82da88aefab24171a4526fdaa9f34f0fcf6eb670b3ac288

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9429 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25652460cd649583f820f9e09bf68e81ef4fd5a696f1639cfb62351629dae4a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame CEAF 85 KB
31 KB 52ms
8ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=14047100088712104444978012362014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 07:54:53 GMT
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 32931
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: TdcW_xkQze1bwhFXJ3JwlVVUHSdnRjE-k2IkFpTlKK4PpbyRY7fOLw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame CEAF 85 B
438 B 74ms
17ms Image
image/gif 18.155.129.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1687367323&Signature=WI6Jnbez8M-KnDXMQd2AZ2PbEjiNp-WUcQGmqDUA8UZldHbaFE3dgx57~pSGS1W547i7yRy3muMij5hGWRllSW2MnapN76d4~Lh6-Lgd~lkG225uj8FhSsUxA4xVmvq90nuez7gda0r7lO3twnXlWyaNV9cxq6MD0N6FSOPR1duHt3vO3XTOmZDWh3l8O7VL~fmDLJr4BxvBm8yhNUEh1Dnsu7PDXkfYnGzVXz-uRwyp9DiODpyoTULyW3Q8F6mRpqs8aO42xoMBEw8fLtVzfMbzGW3OTQXXkjupyryJR9MdQpmL16BwAw6h9pdz4xv6jI9cQMixmo-rd36HrAy9gw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-96.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 21 Jun 2023 02:39:18 GMT
via: 1.1 cae331f931db08913da8ffb683cc6f68.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 52342
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 9kkkksihvVkGL624FvoikZW_HnVGx3k99ZbLRg5dm4Czj6vepJg3FA==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7A8E 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 8ms
7ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.correiodopovo.com.br/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 21 Jun 2023 17:03:43 GMT
via: 1.1 8f6bdaf52990daaab8fe7162027bdec4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 314316
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1687367024.941367,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: KeRHC3LKLO0XQKojJBbD0tHrBXvvLrHwZKSWav-ATh5HE9Ep3r-cOw==
x-cache-hits: 87941

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F5B3 70 B
264 B 33ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F5B3 0
530 B 33ms
33ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame F5B3 0
38 B 9ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame B6F1 0
515 B 22ms
21ms Image
image/gif 95.101.148.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=3368&src=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&browserUrl=undefined&ref=&utmz=&n=Correio%20do%20Povo&md=&mk=&il=0&limit_drop=&userid=a3d22294-814c-48bd-a8b0-b47a487952db&idx=&fullVersionList=&platform=&_rlid=a3d22294-814c-48bd-a8b0-b47a487952db
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-148-198.deploy.static.akamaitechnologies.com
Software: MT3 933 7933424 master cdg-pixel-x32 config_version:"1438" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.retargetly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:43 GMT
Server: MT3 933 7933424 master cdg-pixel-x32 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 21 Jun 2023 17:03:42 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame BA5B 984 B
851 B 50ms
9ms XHR
application/xml 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2aabf798514f82b3cea662c76192b068af43f7d501b2d7a336495d9f809c949c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
server: Apache
etag: "23da-5f762218eccb9-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 609
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame 05B0 51 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 21 Jun 2023 20:38:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 864C 42 B
64 B 60ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp3Yu8IaZJQW81d0oA4xgYbm9zDWpqyAAhBIU3QANMW1IIVy-5KNlL4GkCpA6JkOnvFWf1d8pG8KP2MpAkRdJnNTIJadJs8nMoaiXiSmpUbmWRCY-yYgo5bYDQPVfA4E-IkQdTHdNagw9a&sai=AMfl-YT5bFxEVNfSddrT6OA1Cw1iLlSjso4BrRr3j945Sw732OEfzUDqXp9BPmb1MJMQtX9_Ja67rRPV3QEOs0Z2d-TtgeH3oG8VuTr7oKPsG3KztNmQi-uvX2sTLXnXiIVnsVNMOn6G3lRy5Hf9&sig=Cg0ArKJSzKsbLxlc914QEAE&cid=CAQSSwBygQiDUUsI_XlylbNWRyB-nvWzRDD_HiGvIH2wXVANcQSw-x9a8twin3CckjFRzt9pTntbRAvr6GMfU3rFlML81GIaDXH-n9546xgB&id=lidar2&mcvt=1098&p=230,315,480,1285&mtos=1098,1098,1098,1098,1098&tos=1098,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=412799113&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687367021403&rpt=1499&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 773C 14 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 773C 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 1 KB
642 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 01:06:15 GMT

GET
H3 200 56c18fc0b1b6cdb8b1ba6050c0ff1ddf.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 25 KB
25 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/56c18fc0b1b6cdb8b1ba6050c0ff1ddf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c63a3eb07f8c29ab598f3d33bc7ba6f9bce3acdb6d7ed5ccba8ad70b23a303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:34:40 GMT
x-content-type-options: nosniff
age: 70144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25635
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 21:34:40 GMT

GET
H3 200 3a0575295b288f57a221726ffa156d57.jpg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 9 KB
9 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/3a0575295b288f57a221726ffa156d57.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6861003bc1657baf57bfb25afe3d7c5199bd5fb9f35db55344008eb4abebb90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:10:32 GMT
x-content-type-options: nosniff
age: 31992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8839
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 08:10:32 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 5 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 05:42:58 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 58A2 15 KB
2 KB 16ms
16ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:44 GMT
expires: Thu, 20 Jun 2024 17:03:44 GMT
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EA9 0
0 54ms
54ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0t9m5_weuoROZi-qU7roLXIA3jMpELPv_nGobxREn_cTg1rIorMlxU1yBotRecHBveKt6jnDr-AiTPVJ-ZwwhUZvQ4Gr-UU6lnCCcgvbPMQAjQZNwGCuCRuatVHvqdh3G2k0elsgyZX-Tl8Zps0LpieDXMoHeaC8WXywEw5SKbgwAM-9LIBStcEuTn-_gx7GLyVrLkFrKsjJhLATydvT0F-QkTf_aipIOfeuBad01--HYcjWP3qEYfdXphEMX0d8j0mvxBEmc7uxSFgpeqinAEI5HjfIFmZykidI8IXhseen7RAM8PSAAP41lrufjf-XjQ2y9CVMAvccR_LulhsdhSHEvBaVvJfvwBcix98SSDzvCbFAz7xyYcJ82v1RQnhUtxP6IZA9xQh2x_OvTalFQ8qDLFsKb3NAESQLFCYtTJ0zLEUM96AdDjIVJsX6JvFHVN010NEDEiePnpzTqCSpYZxILhqo7e7v63q4ArM9Ay5aB_Vf6rG3js7HP0IN0aZJ-DPSu2-OP_cYyuncI6gqZtg26Qle6ByyqHGXAZjfsojUGk4xXX-f1RmdduFMoKcavfzusW0wS1zTz0zuUjeiNXhB9i696_IY4oMOYjRuQcjL6BvGIu1nNlFk7tohXi_AhzXtgqgrKu85IVRQ_x9FvCL9aQ4vKDg748Ym9oBQr_7Fwxh-59D6DQH5pxdKKgcyl95fXWMVUxvJFOCtUzoOpuKKF8LvyWO5-Pqk18PA02ttMiQtVQWXDwKbHJcYdX-ofDHQ721ru2TTBHjrEJ9sMP2KvlKHRJLXCCTDJ9GUlt-TKJ27m5QjlKRKGOJPi0ieaVCj3oCTI6qpbpofsE5m5oJf_ceBCGHJ34IVnPzVCZadViE5PhAp9HKmrx8LzaJSWHFyt7q94OYZQgeTCVdWS2j9HCERvTGy17OB_qnbYW48bHNyoyxeN5UCoA4NtgXD3jMFbOzJIYIgV8qvMDzgSANzm1ihZFcsSBj4dnQDSbWsnLH7k2GVdCfjp5gruZJRHT4-HwsZnU5b0zuRdssD7nWMCFrE7za8NAPNEiZSweLDfjcoz5sUoOKk4prI-SEqZ0cuOeQ-fHtJTZp8yK4RUQWECMPGoNZuO2fS_CWV1Ckm2-JX6m4K_rAgsFSXeEE1uk1xAM8pQpfknVQlBFuaGhQlW1a_Q313vAS0OtxaWvzSRQtVhbl3dYuty4Ne97QrUUGa6ZvlwlXFxxVbjldPjoWdDYgp1IB3JZrYXC6UJbXlab38i2U482AbjppgJHfNT-OVNPe-BPgEVRa3Y7RbGFSCkmsluTI2NlwZYZKqqth1ehVtnVC2eKmBXXCN8r4xWBcAWD1AcojJfP3QtZDU73kE8Wjav3CY_9PJREQmZqKXaj12xhjI-jRaYck02-oc-5BlTcLxBWrM4addsGZ6z-OYYlvxni1J6IgpbBfCeJuo4v6U4QrBPjuCglMU&sai=AMfl-YTVPP9lggPXEJ5GKIv26AjfHEXVh4LWOKg9bduLCY5h4OLnNwTLIxxo9sh5AXnjUXLXUctCe4qi6s91vtSz0ytGbz92b934ksQoPvT1UDnDk4v4swj7ZqYig_TKm0ZgscPPr9pwkC-l68AcfvNCcmQk2fMFZCRfRNtFonVh2kNnI7EXoBXds7nonL9oFGV8uHlmw49WQ-3a&sig=Cg0ArKJSzLJzuCIzPdfwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=528&cbvp=1&cstd=522&cisv=r20230615.47078&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame F6F4 5 KB
5 KB 11ms
11ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2806776007
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 53F8 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame A6A2 15 KB
2 KB 17ms
16ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:44 GMT
expires: Thu, 20 Jun 2024 17:03:44 GMT
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B9E 0
0 54ms
53ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdUPjfU63KbKE6H6mA49BrnRuIDj25qFZYFJOkkTjqdDc6FWDy31-AU5tOyGy6zrQb3-6fIhaFi_AIrIIFOV-qlKqtBi7iB7M6F_oN741rbC1liqLbp9t-tH96jw0cvrjX7mYsK-ERu_RynIK1ArXj2IVDcJLYyJVrtSkF1crpwi0qB1QKP1bnsAG29-Pytn9Zp-fFPiFIIixGquTTAN29-iwVtOX77kmMDoeXjNYim42EtjwtBI4vEZBSpTRItLnckI4M4a374ywds2O0DakfA0ONneaAI5DZiDhgfNGHoCNGsZ6jm-Mw0JbJZbK_2rlNlTfErR_VF8xsoBauL2ASDTH43C6agAZ9NtK6-14H8oVitb6s0M7w4Ry0EyevZYbp5Z1Pt-zgmiwIl7SUKEI8HRxKx3ZovHYNArV5AdHzLJceNGeX2CyHxcdHMhy4skmQz0bE3RTJMZWUsIh5AAcYl21xY85Xho8do0POCQLf59EbMb7dTWRsCWN79e8Wc2lHMG8QFJ-4A8Alq-DIZ-CViO76r0D6eLJS7K2qYJ0pVSvmPbVfvC6lALNok8FPCXd5770I1A8lYJNUMqFJinGbdQJDysIcHMS0GgaxOEchWXbhcm4afdm_tjvSkkGElWCT27byvImuEGfaqYZXGW9ABNTEWs9gYGlff20IFxiOnDQOstwg3cjyC7ZjxTd2u_10EhyWwAAZH9vHTG5Xp7horm2EsxdLMqwigM66ugfZSiSzYHGrOsQ34eoHyF57lkG5TL7tJ3ANw76TVvBofbpiFI6bS8oWmH3CbjulDmH4BQCHuNI8cx1uDb0i_pL1ytAvyB5GVgxFw8UDtMOgSialV50YP03V66QALtqdrIuFRtH8ODJdeMRsAtRUr5fKFvSL4pMbsXyQr0j_8CKIaHEWRmoUKdQsTOWrYSkvpOmUIhVP5P-q31jD1i0VIoz7D8jVEHyxSH1Pqv5FIUy5Sf0fv3cSCiw7g8Ik0U0V5Ip1Ak90ADXoV9DCvHGv5GpbN-5ijGO0cCeYFI569XSrWmaoSJ-CJYlznCp-oqrmoWLTep2sPtrkV1pXnCOh6uG1v-U2FxoRV8KG4Ddym-t5XL4KGYYAbfnkOGvxAx5VJ2uPGD1v3x_bv0R5MVgfnZaG8rlbb1A1ohFCsF7jcqbkAFmu9SH-RieIasJVrpYltY9SjLJ09xLAZRoNt8axM5K5YES4_lwoK6VPijEPxJTFiGDLiUN1L47X4FAXTjUsPkogiJE4DHfAPWQgs7maK1AZuKSvb5TwuZ7cVs1OFtX8Q7TdzuE87WUA8sf9UiOOLSXkxwg_ohr1LXq4QzdiTQyvsBRJy6a1Zu5jY7xzL3d5Fw4_PgwPGflW0IPXhOirMRK-61C-L6YDaiDwhyfxtxNEx_dNDpVg80cbplNJha02Cy3io6NBCiW7TxIhAoXHhGLEklG1JQCCwQK85Jcu4HBn38Xn&sai=AMfl-YRuP1YFdfI5u7ktyeeWb9xENbohnAatxefmdJ1eu_ATrelCbpeBuVfHhb5K7epR1JaTmzAqHlymL-Tw7fq-2CqIwBRchEuuL_2owpAvcqx3x4b17Aktc7h50X7zsLP16gXDa3caRSrtz_oyC7hPpO_9srl6GUtdfmHoL3sr1BF9knK6owZMY7KSoNJ69F50jLZhPQrhduCX&sig=Cg0ArKJSzFYmEWH22N6MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=467&cbvp=1&cstd=461&cisv=r20230615.79512&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 5632 15 KB
2 KB 16ms
16ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:44 GMT
expires: Thu, 20 Jun 2024 17:03:44 GMT
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4B6 0
0 53ms
53ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJVrDH6rkVb8ZHkB1-9I8xMckKn5fRdEgomcdfF2iG_R204Ed2sIF8tbU6c3ICVksnufngRspYnd4bz76416PsXWpxoqpVhiLQ5ZnDpsm_qGY6hD_WqyUP4KazR5ASV9AAnFyPd0ZHEr8CygjXQVCvSIP8thPfME9rVQ-MHKuMQcDAoGVz5bW7JBWFpBKfeW2nR-Zfkv-4IaiGbxxuI2IRArYPE0Wj-OHc0lSrtlyM311y9XNHSbGfl-RU2Xsy_jaLQTyHqg1sZWfTDqWSAXqiaUJexI8vvJiR_IVt8ZtkEg8PojeCP5o7fsdXX2qurbzrwv-i40zxfEvjcGWiQMfemU8EysY2IvHnmECxLMe17iu_CFMMnl-2uJpjldVyQS43Y6Q_h5IPs8e5C8GKjuCUI095AuWoNG6bWgeyYuYJbCvaeO1utIfnK475ZHuDT-3NJJmE0c1BUmVz6_mjgW1ZAx55oOE7xI9or6eU4Pb_RG7UBZTtGJh74YBGE5peePiB1E_ST82Yy9fLWokiQeGc6Ct9X_UUNvQoZ7aGxYFVVi8H1TBvtsfJGgsL2ohh89MgInOlqBXvNENb19P8r95b_GTzfwEBR21slvQZwK6U_TWYo5yj3G-DUK5L_kILNEB6d8Wb_u-4gn-ut_RQLcfPIfOwxF6xj2tGEXThL3ZHbJX9GYvMyKTQqsZ6YQqv5j67W7u9M1HC4T27P_ku8Opw-5go_Fx7xjXLZkZC1zu-oTBYEWrnOSOmO5F_ZKtLh5KEFZ0BFNjCRmKHQUr88tVkPgd1fwEdU8swu9ag0sKODnM67G-Yluv9uFvrpLPMdsvRmu3ZWlWAA3u4Q7UDQZhKyYwF1DvGmcdjhUW02iJQEkmIUpyuHSq1cfJnJE0LsRVuJeESp4FBT8KLDgxHRL0gO29eHvOa0Kku6zZUasjSyEnPBhsN79WnjJv56p-42p7Jv4KcYY7rIn2DexKCCevNOLIFsUlDeNI5opo45GrZ0KNrIvx1K9PqnZfVaCv9SXBTyGzYBURsTOEe66x6fjrSPpOYMYnaZjq30tNLVzie7bStWFOces_bki_tZbB0RZKJ5CFH11LLw-5aKU0vsn_8H7cqjMyUomH04vrr8dWEE37e_3r_2Tz0NXM_mltKybeLxzHUBfxhuJJ9cHn2Ym2s4dXNLtSvldFLqttU_bTfKUXCmN9R89HbSSCII6Hf5TJMBVzDH1LHx7W5eMaFgTVPtpCVJhldWtlrtzR8nkt9hA3j1gmCPrU_IjFMYMTUzCtpyeWnhl7FQEC0Vmb9UVmT4wNVAAtLKCmIrAQv_6AtF1s-5si0Gv1zEL6B3qhIL4eRewT0jgVnMOxwR7rHUWcWtjXerl5WAdDcIRXaHdfjqFuWeKYVbLwCJmSoUX8pnbD2u7RQcqVYScIPtOWaNpz0W4SXqcQ0b57iALX7R4JAyOB77UyYg1FKhNz3u3pok4qD&sai=AMfl-YQG0Zz2_vf-saL_CVN1Vqm_48Vm_D0qrFWmVParC946Q1bzPvXL8N5c3qEJUat2mahx7P3r5-Je3SmyPcDpK3jbYEOEPdBu9iVioQoSTWO23TKXJ7L4EvkLff_mID2qUdrS-f7uPEVJnqmFdAlf-q9j2rOd5deaX9uAtnL6jkiE7esrMv9sjNJ0XfJRu7If8iENuP4HcK-2&sig=Cg0ArKJSzCIeTxzk5LEMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=476&cbvp=1&cstd=470&cisv=r20230615.01955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H2

200

ht.html Show response
www.more-and-more.de/alvine/tools/track/ Frame EE89
Redirect Chain

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=83788000101226904444994012362012&pv=1
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

2 KB
1 KB

25ms
25ms

Document
text/html

194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5c88e03abc&subid=&uid=b0c5d076b7c61a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLZNTbS2TZJS9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QXrdcytEbzF1JY2M1xHmiJBUL8ReBmVoFMlYtc8vcL3EruFPunlOYKjW0ybnB_iHpsikda33m8_rqDsM2YpSm7RtllDoB6vSfUKl9fuCNzS6bMbPBKhJv8pDaqvBC4pFncU_QdF8M4VqzsOEcb17zZVEkNcwtfTEGOfLy2SKrra_zyKHypzifa8wgiIRyjUNyzmmKm1VBhrSEI4uRNJHu6Kmwn8O1juKLVs9B2I8zumti6x8rSV4L-kmWy9XMiT_91MIf85LHReb99s-tWdc_qPM2NE9S3mXDRbWuMyEx_IlI4d7NcoIPJFsLUQufDRY5nbH2yB7I755OPRwBddhxETB6SgXN5vkRhKs5tRTDF35g7WVmueOBcM_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0XKIYe8XAz4PvqqvFZ93Re-R4QIQ%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-DYSjJr_VaRDYPZSSDJOGgKi_S6wQkFkvChGvmWJ-3cQYzb50qC_dvkzonFxQoXe98wnwsTtJC_VD9CSQhEg30tEz1BPGWupWWOCVNT8LwxVkSIy46awAFjF23walTWcY4fywy-KsBY4AgH0fxEv5_8yjrPHjAOG2LvuL3EG0hK7pqf2Lg%26cry%3D1%26dbm_d%3DAKAmf-D3ToacVBzmNWqwKi9XdgZJrH4y8Qujsh-tDBn4IYC6hASKydz6IA3DaAPrrd98nvNQRqM5sSMPIFs7Sl_88hleuz9evLJauExLQiCFDdUYz-4fYP_r8C9Z3YpsRENCgTMUUGyhUKfVB3yNZpXJcc8zOCDDJAB-mnX5NAQC0Cr7OlqpM_mBvO9i-Uddc4LwAywjJYRjRRgaRIPaD7dmr4WFQ8XbCc1jTh84Vy5--rTcpTwMELNaUXJDnZVeQClDmX4lGSv4ym1X1DZkuVPWUSJ4BdcthylRxEbz7JTTJivqFQXzwr7Su318zf0wKmUNi0GTbVu0MUKB0autEwiD_OSX7bC_XX1U2WW2Y9QBsiETCAe6wBn9EBjCbEHkaiSRC3FjrRNDy_S2IRMbzN0QJnS_dZMM7NEtuypw5-zM30W4sDF5wSnxyJiB12KyPwtRHgpf3I_plbVnoqI0DXfSrsQVIVLB_oFQtZT9ZiCrINwSonqPLw6rNtfCwMCOMraDX6N2XQlcSvvhG5XkBZB1WswOrX2Ckqa-m2OkEUWVWknxAFlhHkrIRBSP2Rrkfk26Vk0gtFUa%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=5694091995880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Coburg, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private
content-encoding: gzip
content-length: 993
content-type: text/html
date: Wed, 21 Jun 2023 17:03:44 GMT
last-modified: Thu, 15 Jun 2023 11:22:39 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:44 GMT
Location: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 5097 7 KB
2 KB 37ms
13ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5c88e03abc&subid=&uid=b0c5d076b7c61a33&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLZNTbS2TZJS9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QXrdcytEbzF1JY2M1xHmiJBUL8ReBmVoFMlYtc8vcL3EruFPunlOYKjW0ybnB_iHpsikda33m8_rqDsM2YpSm7RtllDoB6vSfUKl9fuCNzS6bMbPBKhJv8pDaqvBC4pFncU_QdF8M4VqzsOEcb17zZVEkNcwtfTEGOfLy2SKrra_zyKHypzifa8wgiIRyjUNyzmmKm1VBhrSEI4uRNJHu6Kmwn8O1juKLVs9B2I8zumti6x8rSV4L-kmWy9XMiT_91MIf85LHReb99s-tWdc_qPM2NE9S3mXDRbWuMyEx_IlI4d7NcoIPJFsLUQufDRY5nbH2yB7I755OPRwBddhxETB6SgXN5vkRhKs5tRTDF35g7WVmueOBcM_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0XKIYe8XAz4PvqqvFZ93Re-R4QIQ%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-DYSjJr_VaRDYPZSSDJOGgKi_S6wQkFkvChGvmWJ-3cQYzb50qC_dvkzonFxQoXe98wnwsTtJC_VD9CSQhEg30tEz1BPGWupWWOCVNT8LwxVkSIy46awAFjF23walTWcY4fywy-KsBY4AgH0fxEv5_8yjrPHjAOG2LvuL3EG0hK7pqf2Lg%26cry%3D1%26dbm_d%3DAKAmf-D3ToacVBzmNWqwKi9XdgZJrH4y8Qujsh-tDBn4IYC6hASKydz6IA3DaAPrrd98nvNQRqM5sSMPIFs7Sl_88hleuz9evLJauExLQiCFDdUYz-4fYP_r8C9Z3YpsRENCgTMUUGyhUKfVB3yNZpXJcc8zOCDDJAB-mnX5NAQC0Cr7OlqpM_mBvO9i-Uddc4LwAywjJYRjRRgaRIPaD7dmr4WFQ8XbCc1jTh84Vy5--rTcpTwMELNaUXJDnZVeQClDmX4lGSv4ym1X1DZkuVPWUSJ4BdcthylRxEbz7JTTJivqFQXzwr7Su318zf0wKmUNi0GTbVu0MUKB0autEwiD_OSX7bC_XX1U2WW2Y9QBsiETCAe6wBn9EBjCbEHkaiSRC3FjrRNDy_S2IRMbzN0QJnS_dZMM7NEtuypw5-zM30W4sDF5wSnxyJiB12KyPwtRHgpf3I_plbVnoqI0DXfSrsQVIVLB_oFQtZT9ZiCrINwSonqPLw6rNtfCwMCOMraDX6N2XQlcSvvhG5XkBZB1WswOrX2Ckqa-m2OkEUWVWknxAFlhHkrIRBSP2Rrkfk26Vk0gtFUa%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=5694091995880&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e51ec66132b6fdddc66732cf551f2126732f4712e3a87f69f21cb97d46e1ce12

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2097
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:44 GMT
Expires: Wed, 21 Jun 2023 18:03:44 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8F72 43 B
705 B 260ms
210ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=83788000101226904444994012362012&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8F72 43 B
702 B 113ms
64ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=83788000101226904444994012362012&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2

200

ht.html Show response
www.more-and-more.de/alvine/tools/track/ Frame 5DA1
Redirect Chain

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=53618800118183104444994012362013&pv=1
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

2 KB
1 KB

78ms
26ms

Document
text/html

194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee35dceec3&subid=&uid=69c2140d3d6b1e59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9kjqbS2TZJe9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qg-WyXmMaSfRguCzqXLL7udFKGCNkBwzL1jfl7k7NqP43_I6QT45ZSY-RBQKU1xukMkLl74VYN-V0WuLhTzYFd_wJR2UZtsXPsfH5NqeBNyNfMTdrCN99rhXbj2EXqhe-5EgX5LJLP3HICpuCiet0rohX7Aagh0Tgg80-gx9Frr9Kle-LAZcKhr6UqCvV747Sfwmq5LutvaagoBh-gFTtNuO218aQzS2uCwVnY2Qf13dNd7HGQit42J_rBaGv8aL14t0g8Qdt6_oHzmGLGwiMelJBdlVkadLhY4y4bAh0W3QoAbABIa76iXeonGG_N0l0M_78B7Tv4EW7wAmXknxcpCw_z8Gde3UQQf0tZbEPz-3XX_p_hI76i0_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0rGe1bPMRkpeoKoVth5Wfbkgy96A%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BJ5oTs_Nn0DIXDt7g1VA9oaNPKRwHCjGBZNyq7Ddoq-l-gt03vm5l7RAk9EbDBGGzSUuQIOxv2a5eRctz6eU0TCBhzfY1EU9zvswKZypqKHrYrrtjGmcTQSYHsiFAiQ9_iKUp0j2WxW32px-Pk7lAVWw2dS2-vdHRqUXIYpLc8ysvfryk%26cry%3D1%26dbm_d%3DAKAmf-BaJXltT9SJ5wwioxd9fw4Z-tHUsE9B3Oz1E3Y_FWeZzXpxMdOLxiZtm2i-YLpp3Pky0v2scc9aIkt03CQYYCRgMCvGUt4aEe1y8cv3ZPtC1vmJzJW_zpSmfW_Mq-5KZuC78E0Yve0hRuxOl8kBKLLo44TACh4IrVYiN-BZ907rJMgGz77Yb4f20MKL4gDn-jzaW9c-ZzauUdexFXyatkluTp3Sapb74LnEHfhkTgxayDrFv330RtFKt4sJpn3fytcfY6kJPYn4AYoNzYrNok3_-xZxTEDbXivEHAbxxbVFHjfZ4F38MdOIq9Ggxs3dh3VBkqXb6YE99ZrIW1-mmOnclkc34Q38Io5X0Ua1GmIvENdPVJMDXTExIeZWztUcrRPHdqQm23eDaZnKE2xz8znfP3-ofuh887r3zYbImBEMM_Vs2OEZikot1RHjjR6D2NvCHfKgYtIu1-kSI-a51nGbezrOBigNuYpDOuRgGvWOtx_HtwX4LAlggIVj9sSvJ10wBiyn93pk3_TRJ_MMTHE233684JA24Qli25dIBCFM9yHwjQu5uQGZ8bw-YN7e55uq7Pin%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=788158010167&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Coburg, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private
content-encoding: gzip
content-length: 993
content-type: text/html
date: Wed, 21 Jun 2023 17:03:44 GMT
last-modified: Thu, 15 Jun 2023 11:22:39 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:44 GMT
Location: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 39BB 7 KB
2 KB 37ms
14ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=ee35dceec3&subid=&uid=69c2140d3d6b1e59&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9kjqbS2TZJe9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qg-WyXmMaSfRguCzqXLL7udFKGCNkBwzL1jfl7k7NqP43_I6QT45ZSY-RBQKU1xukMkLl74VYN-V0WuLhTzYFd_wJR2UZtsXPsfH5NqeBNyNfMTdrCN99rhXbj2EXqhe-5EgX5LJLP3HICpuCiet0rohX7Aagh0Tgg80-gx9Frr9Kle-LAZcKhr6UqCvV747Sfwmq5LutvaagoBh-gFTtNuO218aQzS2uCwVnY2Qf13dNd7HGQit42J_rBaGv8aL14t0g8Qdt6_oHzmGLGwiMelJBdlVkadLhY4y4bAh0W3QoAbABIa76iXeonGG_N0l0M_78B7Tv4EW7wAmXknxcpCw_z8Gde3UQQf0tZbEPz-3XX_p_hI76i0_ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_0rGe1bPMRkpeoKoVth5Wfbkgy96A%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BJ5oTs_Nn0DIXDt7g1VA9oaNPKRwHCjGBZNyq7Ddoq-l-gt03vm5l7RAk9EbDBGGzSUuQIOxv2a5eRctz6eU0TCBhzfY1EU9zvswKZypqKHrYrrtjGmcTQSYHsiFAiQ9_iKUp0j2WxW32px-Pk7lAVWw2dS2-vdHRqUXIYpLc8ysvfryk%26cry%3D1%26dbm_d%3DAKAmf-BaJXltT9SJ5wwioxd9fw4Z-tHUsE9B3Oz1E3Y_FWeZzXpxMdOLxiZtm2i-YLpp3Pky0v2scc9aIkt03CQYYCRgMCvGUt4aEe1y8cv3ZPtC1vmJzJW_zpSmfW_Mq-5KZuC78E0Yve0hRuxOl8kBKLLo44TACh4IrVYiN-BZ907rJMgGz77Yb4f20MKL4gDn-jzaW9c-ZzauUdexFXyatkluTp3Sapb74LnEHfhkTgxayDrFv330RtFKt4sJpn3fytcfY6kJPYn4AYoNzYrNok3_-xZxTEDbXivEHAbxxbVFHjfZ4F38MdOIq9Ggxs3dh3VBkqXb6YE99ZrIW1-mmOnclkc34Q38Io5X0Ua1GmIvENdPVJMDXTExIeZWztUcrRPHdqQm23eDaZnKE2xz8znfP3-ofuh887r3zYbImBEMM_Vs2OEZikot1RHjjR6D2NvCHfKgYtIu1-kSI-a51nGbezrOBigNuYpDOuRgGvWOtx_HtwX4LAlggIVj9sSvJ10wBiyn93pk3_TRJ_MMTHE233684JA24Qli25dIBCFM9yHwjQu5uQGZ8bw-YN7e55uq7Pin%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=788158010167&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 6367e199afd61398c215442211ae2b2f73f26c27c72af45695a7202bc06e179e

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2088
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:44 GMT
Expires: Wed, 21 Jun 2023 18:03:44 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5AEE 43 B
705 B 160ms
74ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=53618800118183104444994012362013&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5AEE 43 B
702 B 178ms
71ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=53618800118183104444994012362013&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET google
fksnk.com/cs/ Frame 99C3 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH6DJYED9B5d3kM4IryLjOc&google_cver=1&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9G...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9GLdFJ5liffFTt

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9GLdFJ5liffFTt

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGNOzdfslZ228jwsGhIAygNABPT-ijXv6I5lSq79tsjSczz89uCxcmy1nJijOloCMdtfFAYpDUnFCRUaIQ9GLdFJ5liffFTt
x-host: tde-deliveryengine-production-6885dfccb4-958jn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C3
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEHekmP274nZhZSwWtKH1n9Q&google_cver=1&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15AuUwYFZ_FrhEmGD
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MUQtekpmTzBCamV5M2RqM2NTMlRaQQ%3D%3D&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MUQtekpmTzBCamV5M2RqM2NTMlRaQQ%3D%3D&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15AuUwYFZ_FrhEmGD

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:45 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MUQtekpmTzBCamV5M2RqM2NTMlRaQQ%3D%3D&google_push=ATf1kGN90NhVVUuv43jMzE1kS-91nkQ3YGSuaynmhvlZU4BRHd8B1MpFEMg2jaIWbodY8_F-UBrn1zBGtii15AuUwYFZ_FrhEmGD
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 243

GET
H2 200 adx
pr-bh.ybp.yahoo.com/sync/ Frame 99C3 0
530 B 38ms
34ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENtjo3f_p9XsSqAtg2NpVBk&google_cver=1&google_push=ATf1kGPQXNH4XWkTi5SAr3S3IQIuX6TLPZXRhQaFopY2MKa4_xP0FuJgTb4qvMB2m0QreNnbdeHHTOTlJJkwMyCgw2ulIMiT-OuJ

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 99C3 0
498 B 410ms
102ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNyYLTpAYfXWtIMSgmj111HvWnYDsEl4r_D-GG6h_g8NtRbfGexNx2QrRdgJlUVOuUDuog-ZhFsonf8_WtSkyqCfWdsd8M%26google_hm%3D%5BUID%5D&google_gid=CAESEOOvXDibeQQEzjm4o_d4Yl8&google_cver=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-67
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 99C3
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESELe2LRHkkXunNwRyCUGBvYU&google_cver=1&google_push=ATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4WZ9109C8oahKsUG_Qrem0pHc8MYqZ1y7N0oZ1gMpRag5ZzyDGqfj
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4...

43 B
1 KB

94ms
18ms

Image
image/gif

141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4WZ9109C8oahKsUG_Qrem0pHc8MYqZ1y7N0oZ1gMpRag5ZzyDGqfj

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPySnCiRgA_yy6rps9U1hoRdIyO0w2H_elSm9U3WRW4WZ9109C8oahKsUG_Qrem0pHc8MYqZ1y7N0oZ1gMpRag5ZzyDGqfj
x-download-options: noopen
vary: Accept
content-length: 271
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 99C3
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlMEPAVebI4qulMK2jJbOU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPSA2Pz-TVOIKskacdAtk2vfPqgqyQA7ZKLb8g6Sjj26gpu_usjzH5iIqY0w1ouvLttyXVOZmehfCYUXDsdgDCTDOwCuwgiZA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

36ms
36ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 17:03:44 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99C3 0
12 B 17ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3qP1_rSEF5daQU6ZFodIg4Vz1q43Y46mXJNh6l3j5mC1RrxZ3i2GWQzqFK-uwPwvnFaQLlnU

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

ht.html Show response
www.more-and-more.de/alvine/tools/track/ Frame 3BEA
Redirect Chain

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=36092100092016204444994012362003&pv=1
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

2 KB
1 KB

26ms
26ms

Document
text/html

194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5103db1922&subid=&uid=9f5e1d029d3ec3e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_wY0bS2TZJW9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QzG2bVJfT8_fLKNFIWWz7McQKH-xhYDNrV5Z6yxjP65UFiBGYYaaXgCmNG91_ZEsg48YBx6MepEaVPjgvPOc_173_ydQicuguDRGSlxwLIh2r-w0_xkwRXPhV-kWtVPfvkl4BMWt7xFDfQhIPgTNNL-MSuVn1XdHgOb_qctjJzPclvkKSoPrVxKw473Wk7A8f6hBbwZRKV7rDfMi7uODQfhYPSYzQ-H1KLhIAS3wxJzap_nnHUHsUcI7DWaCnN8WEgNF8KBlMti_KUvn6dE-ifL95CNgmBZ1NDOLdGRR8SMaX4412-RAFJm-eBvVC8i5tD4csUDQo5RSVIMNnBGTH3eQjn_Er2QjTm0ajNwhQ5KhiAKTGykgUfTPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1NLGiTc6Pj9hv-upLqet1bVd5srA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BZMvKOeaaP2wCJvcB9ZadZLKUVvbsNA_rTwZdfMrJoI7qQ-Pgdy48gi7uVIae47ySsSusldujGlmFjsOQNPByKUPjma7oPMW0p9TL45SBxjFfDhiOyYtjFP8FyiLu53qrepeamP-kv3mvJan5NM6Xw1-o5jSm0XLmpO2LputSklfQZaIU%26cry%3D1%26dbm_d%3DAKAmf-BNOSIm8HA07v0QxtSYOAsIkyMoQQBYXWCCYPDH9yPnvlXN2nJQHpLeig3rBO57dwpHqFXq5lH6kvOgXlNnprRDg_Cd4m8oVG0gK4FuoKAU3-K-7smSoILJZx_bptXgvgN4YCJBb_7bCXWKioZpOfoaeEE7YznQ1aKg4SbNPDeCItyNvctlatasEIzeWk8pPLRfbmVSPiEE41oi0owrKG7ZkH9iaoyBcf6ZXhnTjBAxAos1OMy0AY81k7T_gocICBYx-FMzwxqx76CLlgO6ZBJT9HssfM5DlKXVDTT4GsH9DnDzidpX3WXZACe7v27lQH2MYk-e_tz2CdKUIS7NgoxHXPY-vbh2fqEMAK6gbKyjxL7-sdQyshAgIfDqFHbMZkJBFRldiNOlPdK7mgqZO3Rfl5dJp1lsFYWklezIHKPVxNSyxdKY34zXnOuIYKDgX3PDYgosKSWjbUQnrQor5Xk4aBq29JthWjk4_wL4cLO9KvxomPhSMDDPRsdKvGTpTnd3RoUfdtB0LZtzZUOCl22SDKFb0olLMzQsMt8Oy8IOD8kkFV1qcxc8Pl1EsVY6CbUwGUHe%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=1206522911147&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Coburg, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private
content-encoding: gzip
content-length: 993
content-type: text/html
date: Wed, 21 Jun 2023 17:03:44 GMT
last-modified: Thu, 15 Jun 2023 11:22:39 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:44 GMT
Location: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 5760 7 KB
2 KB 37ms
12ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=5103db1922&subid=&uid=9f5e1d029d3ec3e3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC_wY0bS2TZJW9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_QzG2bVJfT8_fLKNFIWWz7McQKH-xhYDNrV5Z6yxjP65UFiBGYYaaXgCmNG91_ZEsg48YBx6MepEaVPjgvPOc_173_ydQicuguDRGSlxwLIh2r-w0_xkwRXPhV-kWtVPfvkl4BMWt7xFDfQhIPgTNNL-MSuVn1XdHgOb_qctjJzPclvkKSoPrVxKw473Wk7A8f6hBbwZRKV7rDfMi7uODQfhYPSYzQ-H1KLhIAS3wxJzap_nnHUHsUcI7DWaCnN8WEgNF8KBlMti_KUvn6dE-ifL95CNgmBZ1NDOLdGRR8SMaX4412-RAFJm-eBvVC8i5tD4csUDQo5RSVIMNnBGTH3eQjn_Er2QjTm0ajNwhQ5KhiAKTGykgUfTPABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1NLGiTc6Pj9hv-upLqet1bVd5srA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BZMvKOeaaP2wCJvcB9ZadZLKUVvbsNA_rTwZdfMrJoI7qQ-Pgdy48gi7uVIae47ySsSusldujGlmFjsOQNPByKUPjma7oPMW0p9TL45SBxjFfDhiOyYtjFP8FyiLu53qrepeamP-kv3mvJan5NM6Xw1-o5jSm0XLmpO2LputSklfQZaIU%26cry%3D1%26dbm_d%3DAKAmf-BNOSIm8HA07v0QxtSYOAsIkyMoQQBYXWCCYPDH9yPnvlXN2nJQHpLeig3rBO57dwpHqFXq5lH6kvOgXlNnprRDg_Cd4m8oVG0gK4FuoKAU3-K-7smSoILJZx_bptXgvgN4YCJBb_7bCXWKioZpOfoaeEE7YznQ1aKg4SbNPDeCItyNvctlatasEIzeWk8pPLRfbmVSPiEE41oi0owrKG7ZkH9iaoyBcf6ZXhnTjBAxAos1OMy0AY81k7T_gocICBYx-FMzwxqx76CLlgO6ZBJT9HssfM5DlKXVDTT4GsH9DnDzidpX3WXZACe7v27lQH2MYk-e_tz2CdKUIS7NgoxHXPY-vbh2fqEMAK6gbKyjxL7-sdQyshAgIfDqFHbMZkJBFRldiNOlPdK7mgqZO3Rfl5dJp1lsFYWklezIHKPVxNSyxdKY34zXnOuIYKDgX3PDYgosKSWjbUQnrQor5Xk4aBq29JthWjk4_wL4cLO9KvxomPhSMDDPRsdKvGTpTnd3RoUfdtB0LZtzZUOCl22SDKFb0olLMzQsMt8Oy8IOD8kkFV1qcxc8Pl1EsVY6CbUwGUHe%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=1206522911147&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 683d6a9f4a61f98899a2f3dd94da480475a5804148cf4b18ed3a8836736d61e3

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2085
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:44 GMT
Expires: Wed, 21 Jun 2023 18:03:44 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1ABD 43 B
705 B 199ms
101ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=36092100092016204444994012362003&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1ABD 43 B
702 B 212ms
65ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=36092100092016204444994012362003&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2

200

ht.html Show response
www.more-and-more.de/alvine/tools/track/ Frame 88E4
Redirect Chain

https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=12995600088354504444994012362006&pv=1
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de

2 KB
1 KB

57ms
27ms

Document
text/html

194.97.158.1
SPACENET SpaceNET AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=06357347ec&subid=&uid=eb3cf338b9c0a825&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsAeFbS2TZJa9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qgd_tEGKFlctgRsfqNLXaTUl_vj2z6zNYR8Zkkaj1GxBQ072qf64yOkWFZQ243VmzzRiarACnr7AuyMdfEQ4-IgLOmSwSBtpp43WiVu-y6Hj8cWWyZjkL8m2UNmqaBGj-pds1W42wKcn-KqR-pRwS5KR80Xhdk1GEGqr4x_17HoyIMxKM2ROMZefXhKq6q0s3mpmtGj0-ykd01Md_ZGeZ6blxdcEquPeXjrXju-YQu-ZCoXz6pr1PXhcQGRSkrY7AK65izpPorVGGaCS3B20QDpcpuVQ7gOoDkNxl93T8ZOn1WwUSySUIQuutqYv0e_d8YnP_9NVhQlQdfADiVorWQavkFZZLcnW-iW84vtINc57H_OxGsWcbKYzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1aclOOU8yXsXGRpaec5BnRfFapBA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BGJa8VXM_HhIjbAfJp_-UIGMdw9dfYCFTDlhVM2sSO0M5jVMqTb-aBQiQ5OjEW75G7GsvJosv9RgmLxMgv4hp12SOxpH70gBiYsEKwYufmTESC3YDMDZHgegc9LmHJFocdNMu-sDrozaBLBHwJdmjVKAVozhb_5TuX1esfStoq8Iho-x0%26cry%3D1%26dbm_d%3DAKAmf-BIgVhcRWQeEYgDPXPrHtx5M0dESQK8OxXAYnIeDJdGJ7CyruzajZOITfutAQSWBiuOuTGRk4WnbB3o2ta89b19frgkU34T08vzROejSeDbeS0PPG8AHfIOVKK7HAzcmv7ICXG0RwzaPKyXlSsbuK-5MkewPSI2SbepKeKEI0ZuOBSJxSorxVsEZ6Wq8tiapbbMFiObBleFPMbfRdMC2Cy-oMkz5NiSQN2pN0XBlHCb0buR5QrxcxCInUEka3iJxR54HdSHVdQ8SNxjaBnlOKv8MuYFjj2e1vqbKToxAeaVaawWAbHuWlejwRtqxSx882YQxuWaOXCwIoenhb_sxFNL2l5_ZSHsVIoVH125ChtyyibuFNvs5YlbvZRGAX49fnr5byMLmuo3QJPkQ9kcOd2TzSXfxCh4pLhEEuBuGNjsdj2XyAOHpZ3bVrpO5IagtyJaPN9NA12r3BzlTiYoBx7ZnkQTFoFOgp8HW63Qxy8nwkYS9LOq_U1GRCkk4ezlZ9WLtNqHEoN_GawQ-dAGXTIGofZSpSRkMamQXL0y089QwYdjyyOTTdWEJbYN569gwRCBYhlG%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=6779669363022&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.97.158.1 Coburg, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS: sammelfrontend.pl2.spacenet.de
Software: Apache /
Resource Hash: 014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private
content-encoding: gzip
content-length: 993
content-type: text/html
date: Wed, 21 Jun 2023 17:03:44 GMT
last-modified: Thu, 15 Jun 2023 11:22:39 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:44 GMT
Location: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame 16CD 7 KB
2 KB 37ms
12ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=06357347ec&subid=&uid=eb3cf338b9c0a825&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsAeFbS2TZJa9H9zJ7_UPyqKDsAim5b2gab2TnKfJD_AuEAEgk9PEMmCVgoCAmAfIAQmpAs2exV2lU7I-qAMBqgSbAk_Qgd_tEGKFlctgRsfqNLXaTUl_vj2z6zNYR8Zkkaj1GxBQ072qf64yOkWFZQ243VmzzRiarACnr7AuyMdfEQ4-IgLOmSwSBtpp43WiVu-y6Hj8cWWyZjkL8m2UNmqaBGj-pds1W42wKcn-KqR-pRwS5KR80Xhdk1GEGqr4x_17HoyIMxKM2ROMZefXhKq6q0s3mpmtGj0-ykd01Md_ZGeZ6blxdcEquPeXjrXju-YQu-ZCoXz6pr1PXhcQGRSkrY7AK65izpPorVGGaCS3B20QDpcpuVQ7gOoDkNxl93T8ZOn1WwUSySUIQuutqYv0e_d8YnP_9NVhQlQdfADiVorWQavkFZZLcnW-iW84vtINc57H_OxGsWcbKYzABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwBygQiDkud3LVP4WdxaWTNcHwOHOTfF7hGzXv3iuD068dmj5-o81r8LcGrEJ13_-25LYx6AUbRrPsGNGAE%26sig%3DAOD64_1aclOOU8yXsXGRpaec5BnRfFapBA%26client%3Dca-pub-6379854420851476%26dbm_c%3DAKAmf-BGJa8VXM_HhIjbAfJp_-UIGMdw9dfYCFTDlhVM2sSO0M5jVMqTb-aBQiQ5OjEW75G7GsvJosv9RgmLxMgv4hp12SOxpH70gBiYsEKwYufmTESC3YDMDZHgegc9LmHJFocdNMu-sDrozaBLBHwJdmjVKAVozhb_5TuX1esfStoq8Iho-x0%26cry%3D1%26dbm_d%3DAKAmf-BIgVhcRWQeEYgDPXPrHtx5M0dESQK8OxXAYnIeDJdGJ7CyruzajZOITfutAQSWBiuOuTGRk4WnbB3o2ta89b19frgkU34T08vzROejSeDbeS0PPG8AHfIOVKK7HAzcmv7ICXG0RwzaPKyXlSsbuK-5MkewPSI2SbepKeKEI0ZuOBSJxSorxVsEZ6Wq8tiapbbMFiObBleFPMbfRdMC2Cy-oMkz5NiSQN2pN0XBlHCb0buR5QrxcxCInUEka3iJxR54HdSHVdQ8SNxjaBnlOKv8MuYFjj2e1vqbKToxAeaVaawWAbHuWlejwRtqxSx882YQxuWaOXCwIoenhb_sxFNL2l5_ZSHsVIoVH125ChtyyibuFNvs5YlbvZRGAX49fnr5byMLmuo3QJPkQ9kcOd2TzSXfxCh4pLhEEuBuGNjsdj2XyAOHpZ3bVrpO5IagtyJaPN9NA12r3BzlTiYoBx7ZnkQTFoFOgp8HW63Qxy8nwkYS9LOq_U1GRCkk4ezlZ9WLtNqHEoN_GawQ-dAGXTIGofZSpSRkMamQXL0y089QwYdjyyOTTdWEJbYN569gwRCBYhlG%26adurl%3D&documentReferer=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.correiodopovo.com.br&random=6779669363022&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: acad24eec8f13d878f8bd904a7aeb7b561c18824125f88b3bfe894e1e84afd31

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2086
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:44 GMT
Expires: Wed, 21 Jun 2023 18:03:44 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C65C 43 B
705 B 376ms
221ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=12995600088354504444994012362006&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C65C 43 B
702 B 260ms
96ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=12995600088354504444994012362006&pv=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7574746098446268149/fonts/ Frame 7D5D 173 KB
80 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 09:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26785
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 09:37:19 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame CE51 159 KB
38 KB 10ms
10ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
118 B 114ms
114ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=957965202
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 3eafc97a15eed2cf2d735bcc80d4e4ece7aad832779dcfab557a807d4a81e894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 58A2 8 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:39:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 58A2 118 KB
40 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 58A2 20 KB
5 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 11:56:42 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 6003 3 KB
1 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 17:20:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1703
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBqpr6qa9dHC7gml1TENCWw&google_cver=1&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX641thANy0ZptTbUfB4g&google_hm=MTG0MCRyTKGtqXDWSk...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX641thANy0ZptTbUfB4g&google_hm=MTG0MCRyTKGtqXDWSkMhnPg

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPFpTJVOuD3PeX7C7D1L7IaZ2brDwIZF9kNeFnJRvKIwwUVmDEMVNwj-rHjtpAjGab6TGb6i2gsSjX641thANy0ZptTbUfB4g&google_hm=MTG0MCRyTKGtqXDWSkMhnPg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1703
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBqpnT9kdfGp_VghZQkqYF8&google_cver=1&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85POj9...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85POj9cEXgUl1JPjSw

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGO21vBszDMiGC_mE0fdH2I0py9pu_xiVrLlnVmg7D0vjscuIOFmNOL7CHhsB10r9znwvNBUpc950X0-85POj9cEXgUl1JPjSw
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1703
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIC4Pr1cAN3qxjTRj8WGP1k&google_cver=1&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1oj...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIC4Pr1cAN3qxjTRj8WGP1k&google_cver=1&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNx-di5G1z6RfXqoaX4rUn57UZArrzgoVYFBcjKnP0Rkl0qJFfsm_o8C-9aZ0nKZWhHCnsIIRQdYK61lA65j4yQ1ojsnsAcmg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1703
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaO...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaOVwzppn

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGOqfXFdlPdCRuA_pdBsZ4SI3Bun-EIGyq_E6X3szLKOw7TB1mnl90siIbh8XOdo3EkVlCOJWYlPe0przkz_ogsLaOVwzppn
access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1703
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKnK0jGKq0mh0_-CdGVFYSg&google_cver=1&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_L...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg&google_hm=WkpNdGNNQ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg&google_hm=WkpNdGNNQ281c3dBQUhlTzlHOEFBQUFB

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 21 Jun 2023 17:03:44 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEKnK0jGKq0mh0_-CdGVFYSg&google_cver=1&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg","cluster_id":0,"gdpr":false,"ipv4":"37.58.58.248","key":"ZJMtcMCo5swAAHeO9G8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad144"}
X-SO-Key: ZJMtcMCo5swAAHeO9G8AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad144
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGOOB3QbnDfzDG7DcCuaaus7AN8BUVwr6hr9rznjh0DqYEcRB7_XVtlwoqfOosR7jXGMUme_LGtYc2Uc-oVXavatK8usLa40lg&google_hm=WkpNdGNNQ281c3dBQUhlTzlHOEFBQUFB
Cache-Control: private
X-SO-HostName: m-ad144.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-IP: 37.58.58.248

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 1703 0
44 B 750ms
263ms Image
text/plain 54.238.123.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESECc60t9vVJCR8Xwz8lWbLw8&google_cver=1&google_push=ATf1kGNKNJoPz74T7J-fmmovJRDUPzZAG1k1bRP83-1xkD_XUpFOuY7P4J-iSEMqc4MgPDpQj0oEDOWbhHG5_tCTnd9Z4mQwKGK8aw
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.123.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-123-169.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: awselb/2.0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 1703 0
359 B 68ms
8ms Image
text/plain 35.157.246.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJf4M70oRBL-qBZUOhrRUzM&google_cver=1&google_push=ATf1kGOwc6TH6yHWu7_io6Q0FhvD17ORLDrhENG7GdyYYK60ZWq0Y9leG1BtZTNLH0EOU9BwMNJbqcm67NAInpnlQqqjh_c4ZSL92g
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.246.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1703 0
12 B 18ms
17ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDI7w6QYxh3Jkja9jzgiGE71SAPzvtijWvcjnNq-jHoyAbNdfcLrtGKIm3QP8dscN8MniH9A

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9429
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI...

43 B
437 B

199ms
172ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dadd3a15b529b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 85
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMTYakWO02CFtHHI2wkDj8xo4Y2926fBE2-IIr8C49lIh3iMbDMc3zWUJD2p0X_YcbJSclfd8KA_R-CXILvbe9fjwMrdDI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dadd39dbf519b40-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9429
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEOPJVZNKUgxY6vwwMQDF9xs&google_cver=1&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBI...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBIJG1Cn_bPN0tbxyQbV

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBIJG1Cn_bPN0tbxyQbV

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGMgmI47u72onxAO_w83khW14LMBbI7P2pfyLexGE8gBSbnbOzpmN1xgD-OFdqcry3EzVLt_0wfQtBIJG1Cn_bPN0tbxyQbV
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9429
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEHekmP274nZhZSwWtKH1n9Q&google_cver=1&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJVh39NT3XSLgDctsn
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ODBheEZVS2dBM2U0WTVIRWNTMlRaQQ%3D%3D&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJV...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ODBheEZVS2dBM2U0WTVIRWNTMlRaQQ%3D%3D&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJVh39NT3XSLgDctsn

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:45 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ODBheEZVS2dBM2U0WTVIRWNTMlRaQQ%3D%3D&google_push=ATf1kGMWTqpOVvMlZYdfCYNVWuLIYp4PWrYskmtCqYgV1kf8fhlT4nwcjnAzVMiTJiXDXvOYlKyJ3jxJv2dJVh39NT3XSLgDctsn
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 243

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 9429 0
500 B 379ms
96ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGMuo5e5jH4j-zJoyDKhDV6YsuqKlLb3GkpyeFwXfUrtOL_k8dbKSr3NPdfeIgVwRjLbBRh-XGTvkHlXkvjciD9ZpVZMFZyc%26google_hm%3D%5BUID%5D&google_gid=CAESEOOvXDibeQQEzjm4o_d4Yl8&google_cver=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-198
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET pub
cs.chocolateplatform.com/ Frame 9429 0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 9429 0
43 B 738ms
263ms Image
text/plain 54.238.123.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESECc60t9vVJCR8Xwz8lWbLw8&google_cver=1&google_push=ATf1kGMjg160YlkVErQGBz3J6gjgfpiCjsEsH6T_h_fSJ9Z13hVkzwEKG87kfN73VYFRnrxiY6WErCU9reJd8WvkeLcsgIF88BIu
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.123.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-123-169.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: awselb/2.0

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 9429 42 B
233 B 288ms
88ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDyerq0T5xb0tUOjaohz-xw&google_cver=1&google_push=ATf1kGOvD_D00ba73ki8mL26y8a0UMDZmh4r8sOq3FPNKYCf2623OuX0p4qU1uDUruwdAbIaDyLmcjvSgensDQdh9yY2y6PvOfeEhQ
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9429 0
12 B 16ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWCm43v4-xhHxVzJVUAaXmWKRSLXNAMf_EaxhXixOK4dOdRP5wl809a8EDoU7VQOcWRJYGsA

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame A6A2 8 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:39:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A6A2 118 KB
40 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame A6A2 20 KB
5 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 11:56:42 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 05B0 28 B
56 B 23ms
23ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1687367024244
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/q-mqyVPJxlA?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtYUWcyaGpBa285OCjs2sykBg%3D%3D
X-YouTube-Ad-Signals: dt=1687367021825&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKq596y2Ch5fJE3KvprALp6V_cob7QmyHD2q_uT3qyr4FQ1LrxOh-JXGFjy5JLVu1Eb3kDgXXAyj0FP0zcjLAtPrP6xktg

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E08E 1 KB
643 B 15ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F72 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5421abebf1ea61ab4e1813ff86644f7f737864d06c61049a14c1239fbdb57d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E17F 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5AEE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d032e1a4d0eb7fd845634e0e5084138defda69daef9aaba446aba289e14da921

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3543 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 5632 8 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:39:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5632 118 KB
40 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 5632 20 KB
5 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 11:56:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4FA4 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1ABD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f941ad006dd8a430228d6941f5e44c9de2f756d7526350172ed138bdc1290e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B864 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C65C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb6230434956416a3e8aa6e98dbf5a287e7a221d22ef5c52c8e2bd37f56b1243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 5097 5 KB
682 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:43:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5097 15 KB
15 KB 142ms
118ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/14477/creativesup/1200x627-Couple.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 7c957ee188059b207e4061701b709a9891d24321f6ad477b1671b10078cbc869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14771
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5097 17 KB
17 KB 36ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4098e37d609132da2c85b7f9e1858c03b1705dfda087a0e81de54ac187b7f7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5097 17 KB
17 KB 36ms
12ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8d3214caeed12988dbd8280a99f7e718dd38ac9bc432b0652a92062018231d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 39BB 5 KB
682 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:36:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 39BB 10 KB
10 KB 138ms
114ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/14477/creativesup/1200x627-Single.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0e5547d6050a97862284186a7f60dc1be4d24e7b219a63058aee2c0c9af5d296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10094
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 39BB 17 KB
17 KB 36ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4098e37d609132da2c85b7f9e1858c03b1705dfda087a0e81de54ac187b7f7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 39BB 17 KB
17 KB 43ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8d3214caeed12988dbd8280a99f7e718dd38ac9bc432b0652a92062018231d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 864C 0
0 46ms
46ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuzWgbVgHtSnn7AzD6P_1udOsFxrC3KfFtPhKhR3Yyeat87J5vKjnPXnTIyOrjwdoBv_b6kZzrZJBWk5bzXqtfaqLxOw34jUw_qH0oQpyzwJ9Lfhegia3A9p_T7ksMeDgWasTN_PIDt-KB-evT_VCK-mRCWbKXhSD01kKATTWhilgxxmioDNW-Lt8T0U7TCHmvvTuQ0eoBFyy-A2y7ovvQYXBumlfmNacdRyEDSbtCAjqshWBBI_wx5MN5mtOrGJ0wKBg9OOxJ5q1a2nyKPWl0ItI_PFhmBpoZWANOAWvIGyv5dXbRDBnY6fItItLKQnTW0pleqNhv5vK6bokWGTNKJlTol6Wtr98N4eMrVQLcAX-AVhucM7f5ACmbuFZBVp99zaXvXZqZpGOHKgUsr1RomWcYv9lab1TWxB02EIa2dLD5m-3vVZJeeTG-j1SN4zwbeRqB7a0yEjT_c7n8Xhh53nESZog96yMAJ6AmhT__7X4lScVYzImCTp-Bs7heHizXd_IJqMrew5R29r7Hz7CyTjCbrLsFpOx6LeSmbhXemXxSyr7CTzwfg8sx-7N556ODC2saxwLYi7M8x8BQDzX-y_Ki5BYYS6S_wK_QWMSwiYLbzfHhOJL4uy-iAa7agilUzmlNNYjS18MNsG71IVL5RTjiIqbpGhMNFb4EylrK-ilbQ3I7mifhpoPowk1bt6Mfr9WmE4uV9ywvulBBONA3HLIaGGwjiCtw57n_-cBw9ACgReBnsZZNwH6gi4ASZXZdWO9P1-6iHGdg_5UlXXa92AsKrI35CjMY3wbPt0CuGsM94GOHqLAD9ok_j53b_7Lq_UPl_tPJS4iLcXyWvD7oihSNlrWuagTuHkM2zh5OJBlgBOIO37JCi233n0oKMZQ_u7iQn-orLTDD2hEVMsBHpQ2169-qS3_5X0q21_dYJdyqANak91rod4P6mt9nZrsKK7IhoBcI8yrxSOGebOduoK_Mjqj4JteWnyWInVtuLUKlo9jgcoKI_WfmdjBOGkfUgBu0RNsK96BF7C4Mo6V0mT2DZ492vR6TRltTzEIsASaxQRvBqZ3AQCnQd5jm9F9traX06JtFJayuAVdAATgW-LqRVDVrAi0xaajzpzbdRT_cVP0YWAU0FQhjlpRWFPAQqDtUQUPEpY7964yFmVO2k_8cepDwvqGJt-iB2qWFuuJbWdg1xKGjyN_eGGnQRn3VbtNRCgdpVPpko7VrgE1As5iQ_B-9nPR1rcoHFuRGdhuO8_k0TzNGIoikf3GKt6Gto7hmeP9mVVFC5c_C9P1rGELUcAe2gXRIXL7e9nE6FlO7raJj3JMQW7UuwsUYNEjOL7I__6En-9EMJNU3-a5OQEVJiOXM1wt6zh0tggg&sai=AMfl-YTOadRpPAZKwRZ6LaOXbjS6OWrHKnJ1nr-f24UEuCrS5forYw-PM4sfzyhayndB179dKvaQLDvKCJgfYosLw7eweKKvqypodeENaCpZoir1jRM7JHWSRfcVgNUO6ahGqS8hySxPlBAJq14bYR1Ua4OTdRce3I8Abgb5bYvEJ2rXvBP2TGmOrKm07HWaSqlqRWqGuqSaYQZ2zcYzJQ2m2MZ7NNqkJJK0XXnLsDUvvtJjwi9dh8N0pxQ5qRaXVT2_sgvEZcmX85HbgRvc663_jSKYO5qrxFGSIKUxlX-h7uMpYLcWjO5aD4I&sig=Cg0ArKJSzKv1Ogpj1dmbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1721&vt=11&dtpt=1249&dett=3&cstd=469&cisv=r20230615.70629&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5760 5 KB
682 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:36:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5760 10 KB
10 KB 115ms
92ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/14477/creativesup/1200x627-Single.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0e5547d6050a97862284186a7f60dc1be4d24e7b219a63058aee2c0c9af5d296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10094
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5760 17 KB
17 KB 45ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4098e37d609132da2c85b7f9e1858c03b1705dfda087a0e81de54ac187b7f7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 5760 17 KB
17 KB 53ms
13ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8d3214caeed12988dbd8280a99f7e718dd38ac9bc432b0652a92062018231d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 16CD 5 KB
682 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 15:36:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 16CD 10 KB
10 KB 138ms
114ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/14477/creativesup/1200x627-Single.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0e5547d6050a97862284186a7f60dc1be4d24e7b219a63058aee2c0c9af5d296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10094
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 16CD 17 KB
17 KB 90ms
17ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 4098e37d609132da2c85b7f9e1858c03b1705dfda087a0e81de54ac187b7f7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 16CD 17 KB
17 KB 91ms
18ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8d3214caeed12988dbd8280a99f7e718dd38ac9bc432b0652a92062018231d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16798
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 / Show response
pips.taboola.com/ 4 B
128 B 7ms
7ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230087-FRA
date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1666 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5886 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5052 22 KB
8 KB 13ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DF5 37 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C280 37 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D449 0
0 46ms
46ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWXM13kU2WV1Qkybxw4GtyVrDOlJDYuehKalC5EiGbF16zMTVMQj2dz2t-ng48BzFy0q9K8FQlhPyOeX5HGZ7ksduqJip6yYAKgiAD3S-N3EaZjNx5MR-_slSanFpjhjXETBMqpyxF2naLN2AgCZ7SvZbb8GDOng_ZveeXyvDZosaa-nijBylN85mOnxFTOnqeHe9Mu6QKdwaPw_Bl7YVDblmRTOfj7DND3xVnW5DSqE6wr6h5kwZrr8i9aH6gkKY_ZYm--ggGlXslvVGpNwFXNxR9J_OMCvtjYu2caNz6NYwNcMMYC_1iVVBCqgjSHfiwOb1hXtV2DQTL1R0POaTlOcDTxRPivlZiJobn-u8zBymG0nBni8drv9eAczHh4Yqwnjoaios60lXNF2djocsYK9-WvhWw85xooLKGAjWViLguMiH2Dwqw6v7SXYHFhx7dBNVHPoITk9X78iZvlrKo84NEnasqoueuEv_qd5Z-39JKn3Wb9SiW3qUo17gZC3bn9j2qduZ8uZnMFakRmpC3B3yS3QEKFXT0SbZlR84YbBh60cvyiWIyNvmPFpMDbOI7U_GKzeYgYysWdOmtFS48LCAQFkXBLS14xUJD1bfWDWO8KMAbYSJlkyzfKSvjLuYuhKanDR3hGB4Baq4OvRVjXfJowxHHTcw7hApGYZSY9EgWwDrJBFkYQsqkvWILeJnJvc0agT_nG60tCSXZWJUsTt-mo5k-dsQoBGbBBVSjIBgDz75LHGERYwEi4m8wFysgA3j4Hl3ZazPEj6WQrjL84heTfx5zGPp2bEgXL81T2Qg3yad0pcIxLp12DEu8ewJADxRIgdoTqNQX7L7ftDgy1So5rNlUbaOxB5uZByOGcNZ_3Y9CEgsKq-VuwEdA1B-ge9UzxzioJrB3CoHJNWXENNdtAIBGpyxt-kDxZ5wk23vETB2nzSDHNGB-9JFT0UzT-dIYoe1nkiZ0DvcVx1cbve5DyhEOjShEotbj-X_s9RU08c2VEk54kUamVNyEbPZ1YoM0m9ghrUJ3CW1du5icSW1tEj2OI9_RP4qhdk7axtBSdCztbj51vjhLnt8l4IcFpA-m_yA_ULkVcam272FSxbPrrutIdtr7p6XPbiokdeK9pjFBk9L2Gx46baDQJ_-Mcagtq_N2Q2d4_4nC_D0JUmjkLxa8C4nOrcjXIs_PPwy2KYEiLtI7laYJ_loc1s-aalJGClCeEbxCJn8loIzMh-XAPrd_gI9DQi1tz8wt9WKvNs612qPhjTbJNLI16ByVSv65Qr2CKO4hC5V26LoryYz0apR9LGcOfnOAzO-d5nlAk0QHs0pa_Wj6QvmFsZFtIOq8MTw7yPGEeKBOGCSZNKdLofHgTYIf0qz3aoHXQPJqMvFrPpLphg&sai=AMfl-YQoFu9wHjjapwfHwVYZ2Dl4zNdnMDp9_mJYz4pm703a_jBRjZJe9aM7qIlkRDK8G2M4ljQPxFIlWC1vroWeyJtJDFsh7b3_vEOxNnWk0f2doY16iEuzF8O9gEXKYu5FmtNHEzli-UBz6xEc8JsaRmI4-DBNNpdfwViR8tnOkq4yXkoGAtDoGW2CayKz8c-LzXZnczat1pMKNupShnATaSSweTKhB_yBSq9B-L5zmBUiNxy2dsTV2H6rKSaBaNDvHIGcph7abHrlobFyayTl-7uAcc9mSg5S&sig=Cg0ArKJSzH98g-zaMrt2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1475&vt=11&dtpt=1118&dett=3&cstd=348&cisv=r20230615.82797&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B646 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 413ms
412ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367024473&cb=0.9413370566361101&aa=horizontal

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd39eff5a9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 container.html Show response
0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9D7 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:40 GMT
expires: Thu, 20 Jun 2024 17:03:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A8E 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 1 KB
642 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/0222c204667789ce9432cf06f1e011de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57449
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 01:06:15 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 5 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/0222c204667789ce9432cf06f1e011de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 05:42:58 GMT

GET
H3 200 0d5eac5857e5c31690ec313613a50dc9.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 7 KB
7 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/0d5eac5857e5c31690ec313613a50dc9.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96e51785834f5f8d7725e321a0b023b9f27e02e5ddc397f94cabfe0ffac4a641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 15:33:21 GMT
x-content-type-options: nosniff
age: 5423
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7374
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 15:33:21 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 6003 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6003 7 KB
6 KB 50ms
49ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e285b99cc5eaac789ead9d531f0517c2cc86df8d19767d5c9996e4c69f567590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5617
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 390ms
123ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: no-store
server: nginx

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
382 B 17ms
16ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&domain=www.correiodopovo.com.br&cw=1&lsw=1

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 188624
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 44ms
15ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&domain=www.correiodopovo.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 21 Jun 2023 17:03:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 219331
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B420 52 KB
17 KB 47ms
11ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "623de86a-cf34"
Expires: Thu, 22 Jun 2023 17:03:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 808B 52 KB
17 KB 46ms
11ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "623de86a-cf34"
Expires: Thu, 22 Jun 2023 17:03:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AFB4 52 KB
17 KB 45ms
10ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "623de86a-cf34"
Expires: Thu, 22 Jun 2023 17:03:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 298D 52 KB
17 KB 43ms
9ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "623de86a-cf34"
Expires: Thu, 22 Jun 2023 17:03:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5FAC 281 B
554 B 123ms
73ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6349 52 KB
17 KB 42ms
10ms Document
text/html 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 21 Jun 2023 17:03:44 GMT
ETag: "623de86a-cf34"
Expires: Thu, 22 Jun 2023 17:03:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 108ms
108ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367024561&cb=0.7732260353263847&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd39f88529128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 129ms
129ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v2&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367024562&cb=0.771462078542692&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd39f88539128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 128ms
128ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v2&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367024563&cb=0.6317081010114614&aa=scroll

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd39f88549128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 56c18fc0b1b6cdb8b1ba6050c0ff1ddf.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 25 KB
25 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/56c18fc0b1b6cdb8b1ba6050c0ff1ddf.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c63a3eb07f8c29ab598f3d33bc7ba6f9bce3acdb6d7ed5ccba8ad70b23a303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:34:40 GMT
x-content-type-options: nosniff
age: 70144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25635
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 21:34:40 GMT

GET
H3 200 3a0575295b288f57a221726ffa156d57.jpg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 9 KB
9 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/3a0575295b288f57a221726ffa156d57.jpg

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6861003bc1657baf57bfb25afe3d7c5199bd5fb9f35db55344008eb4abebb90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:10:32 GMT
x-content-type-options: nosniff
age: 31992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8839
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 08:10:32 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F91A 39 KB
14 KB 18ms
10ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109382
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Wed, 21 Jun 2023 17:03:44 GMT
expires: Thu, 22 Jun 2023 23:26:46 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CE51 39 KB
14 KB 16ms
8ms Script
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109382
accept-ranges: bytes
content-length: 14445
expires: Thu, 22 Jun 2023 23:26:46 GMT

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 5097 0
150 B 40ms
16ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=83788000101226904444994012362012&a=b03bc561&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=83788000101226904444994012362012&a=f017dcc3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 39BB 0
150 B 39ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=53618800118183104444994012362013&a=0e8771be&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=53618800118183104444994012362013&a=73b206d3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 5760 0
150 B 38ms
13ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=36092100092016204444994012362003&a=56391117&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=36092100092016204444994012362003&a=b2329615
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame 16CD 0
150 B 36ms
12ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=12995600088354504444994012362006&a=fac29527&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=12995600088354504444994012362006&a=e4ab59f1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0BE2 0
16 B 54ms
51ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNWUwx-BUGpAsBqVjQNJ8XIXVB00kgh0F-CKypWbxduioiQbgQMU_LePZZ-0qekCWNkmH6xuTLWOFJJ-MVlzbheZnYaR4ESKOrsWf7ZX6PhQr8q1UInxIV6Z6p2AIpgjRzjnY7wL53xEULPxc_RljuVl2mLGvptk2G0TmcLOSvFI3A2k4mQ6EL5c628BAT9gjlnrcOHs-EjFGtRHp5FAfvlHr9BLjQ

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A9D7 78 KB
27 KB 168ms
168ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D7 42 B
63 B 49ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyeH0Z9ydkskLnF3_HKXysOXP8u0YiCvA6WRNKlc2KSHgbTr9aIoShVJgCpryD5n6bhhVzceJoTEYMgESBXvhTFc5xx7SP8hElgxDdf_bDfShT9Qs

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D7 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10987406926177438158&x=1&ct=76

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame A9D7 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 12:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 12:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/ Frame A9D7 19 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:15:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2894
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8121
x-xss-protection: 0
server: cafe
etag: 8940155340736220798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:15:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A9D7 0
0 18ms
15ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb1Fs6pkMmV9d7QQNjQIHYi993LDO29DIiJLxhCzDGFsbmjb0x6SXr6sUuKbo4iSuQwT9twrZqf6t5TRMSzcxSdpTCtA
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9D7 178 KB
56 KB 180ms
178ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E08E 35 B
363 B 12ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEES__0ygsqX7D0VuV-JDITo&google_cver=1&google_push=ATf1kGOl-SklktA_MtMZEun2sBjIPyKQgYjL0dqZMnj8uob8ytOD3QbZW0H7gzq0vD_t3mnoXfO-4Dk9xtU57E-cVA3Do1W9iiI4

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_krKAmB9YL6Xlyy0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBC647AAD2E84C508E580F0671B5C4DE&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_kr...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBC647AAD2E84C508E580F0671B5C4DE&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_krKAmB9YL6Xlyy0

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FBC647AAD2E84C508E580F0671B5C4DE&google_push=ATf1kGNGaNCGugLHHrAbqctW1-47-sNWRgJgn805Bf7X73oBk4foleIaX96rY_BU_Yc4xWQxMrdx3HReFrsw_krKAmB9YL6Xlyy0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Jun 2023 17:03:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_hm=ZJMtbayDHAyZOxDyXo45vQAADKIAAAAB&google_nid=index&google_push=ATf1kGPurfZW3KIoflZvHjjNDkZJK1JIdgpWY...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_hm=ZJMtbayDHAyZOxDyXo45vQAADKIAAAAB&google_nid=index&google_push=ATf1kGPurfZW3KIoflZvHjjNDkZJK1JIdgpWY-I8kQkoWN4nadsu7-gQ-S3UElCzu1tAY-CW1qtaAdybADrmpsHgfv6NQfDVuH8

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJbg3PmMW_ktoHb_s_jbvR8&google_hm=ZJMtbayDHAyZOxDyXo45vQAADKIAAAAB&google_nid=index&google_push=ATf1kGPurfZW3KIoflZvHjjNDkZJK1JIdgpWY-I8kQkoWN4nadsu7-gQ-S3UElCzu1tAY-CW1qtaAdybADrmpsHgfv6NQfDVuH8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FK...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FKZxdDezeBDwtV

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FKZxdDezeBDwtV

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 dc18e61b7558d5d9f4d1852820b02a16.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMQFYGQQAQHbTuIIjz-9dAMtAIK62hfshhlhqm2FErV9J3f3cBzNMOLSjhgctLB1nvV4L-clyghQtBS37FKZxdDezeBDwtV
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: rzlOTMmJGY07NqTPYxwnb_9HAhMtz0d-bFmOTjYVjvE0FvlKxBFr4w==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELALkko0qeuSsQhInhBrQe4&google_cver=1&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAupNb5y2Vp...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAup...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAupNb5y2VppDyB8S

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ZFemrocFR7m3qJt_joICTA&google_push=ATf1kGM1YawnPw1UZZ-1MadT5wsNbEqPP7LxegvGF6mB4lRqzwp_tVx1foDM0xxTj16M0wrTzkdhAYh0ZIjuAupNb5y2VppDyB8S
access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:44 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGN01jHznuaVJgxpcN2LE...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&google_hm=A-yKCfEJ_kfcjetgqe-sPLI

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&google_hm=A-yKCfEJ_kfcjetgqe-sPLI

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGN01jHznuaVJgxpcN2LEoMg3wVAh_8VkAO9c9DvwFHsFvgugXtmKLQ21wZ2kpKlnI0HCgyWH5Vq3LzovH6KCYn1NM6BqowR&google_hm=A-yKCfEJ_kfcjetgqe-sPLI
date: Wed, 21 Jun 2023 17:03:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXec8a09f109fe47dc8deb60a9efac3cb2003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E08E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI&google_cver=1&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivK...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT...

170 B
188 B

18ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGNRRxIOHUVF_FsbJbwwPuQ4TAMuERLJ3h9MPJn5mCHBTDgx1vfT_z0bGNiMU1bfg4OKdnqNoBnpQcyJPs2Tqrv65dL7ivKn
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E08E 0
12 B 19ms
18ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8Zcr9C4QaFgyXfjbRBmlFg1KypsY8yX49smIjVtIv7QzYzMBhBpDtaGCHu8-bDr6UJYrW

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 15ms
15ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 18:33:58 GMT
content-encoding: gzip
age: 80986
x-guploader-uploadid: ADPycdvxu7iCSJJU2AcH91Brz9c6f8GNuWxjjxe8EFv8ee5H8_PiuC4WkPhPDEbN1swDqJTEKRw9Lfe8spjqeY429IKlIEHjrA3T
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Wed, 21 Jun 2023 18:33:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa8c315a3b679b533985404a3dc8fc45074947ff69d1dade73b3f978a9b539cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69991
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:44:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01d79204ede2b768d9062f837127163fe01977114de227204dac8302520f0468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75721
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1687367024759&cv=11&fst=1687367024759&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af205ab1bd00c28578f5a8358060f943210379041d1b4973d5b9cc4547a48d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

389957fc7a6964eecce57b9744f86c39f176ddb960622a6b436636c7833bd5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75824
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 17:03:44 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1687367024770&cv=11&fst=1687367024770&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baaf1755cef4f723bbb9a937995c514586986cb21c2de4e1e21ee33d141732ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1687367024790&cv=11&fst=1687367024790&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Correio%20do%20Povo&auid=1286260787.1687367022&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d864997c280fd4e975c2bc544311f41261a0e937978263bb4987c82a7d0af33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tr
www.facebook.com/ 0
15 B 26ms
26ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Jun 2023 17:03:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEDPyC1olhkAlZvXAepsPGqI&google_cver=1&google_ula=862479430,0

70 B
373 B

151ms
112ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEDPyC1olhkAlZvXAepsPGqI&google_cver=1&google_ula=862479430,0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEDPyC1olhkAlZvXAepsPGqI&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E17F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1&google_push=ATf1kGONJ9obPXq7-Qndpqy89ykFPdMcwyac-TirUoR6sgZlsNjAwEhHaXfLEfgQKny9QdrF-KLHdNrgpxGm46E8Ff7BlvCblgWY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5MjAzMjI3MTM0Mzg5MzM2MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENPLbp-Ai3cDDAfHiDgysKY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E17F 0
103 B 59ms
32ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENUd55XSLrilu0rX_zUzqFI&google_cver=1&google_push=ATf1kGPDsryUcYCd3mOIFHoOmHXkTtL0fn5Gt2QL9H353Aq5MtUJdZ3BUEE-OzlAfSEHeQT8pAdfwhzA6ZIWy2y3xZBtvAAG_F4
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E17F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEH6DJYED9B5d3kM4IryLjOc&google_cver=1&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5ph0GRX3RlZ7u

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5ph0GRX3RlZ7u

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=21KZk-CXQs6GxOMF9_oKHg2&google_push=ATf1kGP0CJ271gyyogAWKcJCmw1rSYyRjKcjXZofUSOQwUagxJROE9zHahnsSdWU6kNGMAX0E9220vAcHiZELBF5ph0GRX3RlZ7u
x-host: tde-deliveryengine-production-6885dfccb4-gf9lp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E17F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDlJncwfx1kaY0QOMPvLAwM&google_cver=1&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPm...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame E17F 43 B
103 B 417ms
342ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECDFjU-UyHZIomMU-NwFElI&google_cver=1&google_push=ATf1kGPEY6EsBCNW6MAUJbBJMUboLqun04qI0nEEKz9a4CSlTrL4w84pu4G-aUEUra0Cb5K2H4JzxP_uKYbIXhQeLixLsYXZqoel
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E17F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEn8oan7ntSl4Bx-hTuM5TI&google_cver=1&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXf...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5k...

170 B
188 B

26ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzcwMjA0MDE2MzMyNjIzMTg2NjU1NA%3D%3D&google_push=ATf1kGMMmg_fZS6DYv7m8N-UqnZe_D0KQfg8RL5hJ-HkMELFDtx8Ej5kPUCoKlz5p5s_Y7qGE2Vq9t61DcKzZJnJO4pDT8gwgXfo
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E17F 0
75 B 230ms
30ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEK_U1qojmxr1c21jhzSgywY&google_cver=1&google_push=ATf1kGOTLv7Ky2PlndnAH9_3wAb4qHbpeYmF3YhDaMWPL_rf_113Jv7iT9pr2KEpHdGY3c__w9HTgnJrZfmyu8cXiYfuApBdJ0o
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E17F 0
12 B 30ms
27ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IG9EsZG51uAE9omio1ry6iD7Xg9IAFG_XZKZIXf3lQnq-Uxq_VKfKC_SZoFB9ytgpd1ubV

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FA4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJqtvFtkXYftXDOdm4pmd4o&google_push=ATf1kGPKIIMrT6xlk_Ig8nRT4gN2hv-aKEmaT6wXRQMv4BDgMWu6DxKIj7...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJqtvFtkXYftXDOdm4pmd4o&google_push=ATf1kGPKIIMrT6xlk_Ig8nRT4gN2hv-aKEmaT6wXRQMv4BDgMWu6DxKIj7G6GQZxkSwwoTp17TdDfwuTDTrLapAI64nR2b9wht8l

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1687367025.936523,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJqtvFtkXYftXDOdm4pmd4o&google_push=ATf1kGPKIIMrT6xlk_Ig8nRT4gN2hv-aKEmaT6wXRQMv4BDgMWu6DxKIj7G6GQZxkSwwoTp17TdDfwuTDTrLapAI64nR2b9wht8l
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FA4
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDlJncwfx1kaY0QOMPvLAwM&google_cver=1&google_push=ATf1kGOPOgxGGXp9reJ-nuyomQHEhhqdLQYFVcWtE0-wqxh8sGUKnuFOawVfysJYD724kKXrZ05ZHbO0lOT4rw7rMrRE...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559728343166208&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOuCG4ysUMzCE_oc3cz8LyKpigY5xUIwczB_AZp4QxUIo2P95YBEFlakX-aOOTN1-mxrScl18x6rf428HuIguPmpq2vJhsS&google_hm=Gy5DlZm8Q5efJ4WWcj9W4Q==
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 adx
pr-bh.ybp.yahoo.com/sync/ Frame 4FA4 0
530 B 56ms
54ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENtjo3f_p9XsSqAtg2NpVBk&google_cver=1&google_push=ATf1kGN81ycY8bAOJi3L1074j8GfCH0F_FUX6SqIvI4zyrVaxejpE186ZZ6yf-UZp7YyYpwmmkUEGHREzTUJEHuRhXiWDho1dxjF

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4FA4 43 B
245 B 414ms
341ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECDFjU-UyHZIomMU-NwFElI&google_cver=1&google_push=ATf1kGPa1m5b7iycKQTmxvJHbKe9reokXKVjQJOr8qLkUxleWQ6KIGNBjaY3AItm4Co3gVPiGp93Bf2GjYlMvCno318j_1nXtEI
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FA4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZR_Hp7orAOk6-1Kw0N3D-LnAFKekD_e7LQtm2MRbTnS9BdcY1pXUBX3kE5LoFBd72eYSzWMPgurSdgNvxN2LgIAyAcI2f

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMZR_Hp7orAOk6-1Kw0N3D-LnAFKekD_e7LQtm2MRbTnS9BdcY1pXUBX3kE5LoFBd72eYSzWMPgurSdgNvxN2LgIAyAcI2f
date: Wed, 21 Jun 2023 17:03:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FA4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FK...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FKqjlsrKv8PwvC

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FKqjlsrKv8PwvC

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
via: 1.1 dc18e61b7558d5d9f4d1852820b02a16.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMAvXwIiB8-5oIhxAF9rSLHi9tW4rMZQig7LkY8rRrnMKEdtaBQQkDA_KogZLiyH-aNHnSkIlTJvoAeK7FKqjlsrKv8PwvC
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 1uzezymw4e80cjgtILJG9Ur3i4AWU48fBLW4_FBRJeRuBIf0sCc0-Q==

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 4FA4 0
15 B 24ms
23ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN1WPjsJaBOU0IFVkNDdlas&google_cver=1&google_push=ATf1kGP6r5PDkO1e7Q85hP14CyEPqwCsRRf43NLAsYD5-Q_Rf2I9sWoy_uf2nhpP5ABh8y0-ZOE7ge0lW64zS1L_mtoqwPlCnyG6Lw

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4FA4 0
12 B 31ms
30ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9fHlR4BqZXgfv22zDt_HM7wVkVramLefBcD7LPjCqB92s436Kjt54R9wVMOlVZ3jM3xN-2A

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B864
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFhVYXNjWE4xUWMxZmE1&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTk...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFhVYXNjWE4xUWMxZmE1&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTkFSfFvGs1cclFKlSYnoVlc0glFtwqWpDQ0JcD_Ht3tSQbsOCnVpyRi

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0d5671f9c7f795968@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFhVYXNjWE4xUWMxZmE1&google_gid=CAESECwmnmQuXSljrph4NUZD9n0&google_cver=1&google_push=ATf1kGO6n0uLEpMdBj6jT2Wg2k9gAv8Pl9n_i_B70Fl1TTkFSfFvGs1cclFKlSYnoVlc0glFtwqWpDQ0JcD_Ht3tSQbsOCnVpyRi
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B864
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFWDtqLD1mDDn8YGGIA4fDs&google_cver=1&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5b...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=CQJkky1vRAC2Gv_MZHqnOw&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5bInRtlABb...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=CQJkky1vRAC2Gv_MZHqnOw&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5bInRtlABbgZFO

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=CQJkky1vRAC2Gv_MZHqnOw&google_push=ATf1kGPQyMeApdlUCmIZ3VQanYUUpqPaka0593IbIS8lDnBKeuk83yWtt17wk5iBcwpqZelWVrRO5zJ6kQojdT5bInRtlABbgZFO
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 21 Jun 2023 17:03:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B864
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6HqYbJDQHMBssSM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6H...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6HqYbJDQHMBssSM

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGOCEC_2WSPwE-MtV1vevDeA4eUIVl4Ha6SYPfo5Yj6-4BjYjAsT_CVpx6tkhL5fMPhkjhRe4_2UMZhdX6HqYbJDQHMBssSM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Jun 2023 17:03:44 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B864 70 B
264 B 63ms
59ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHDEvikojOJLg2vhmS_pBdY&google_cver=1&google_push=ATf1kGOyATMUrH2oqFq0n4f2Zk-RMjY_FEHzOgMzrFDIWTrkyXuNzGHl31YzlTUj0utcEnM937F6mVEvOE7HBMtfNaXT88yydCFl
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B864
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2u...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2ubv5N2U_eALMiyAmm_k_2zMpSd

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2ubv5N2U_eALMiyAmm_k_2zMpSd

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGOysI9ER3z2KxtLdoeLDyOiTheq0PnnY0QjzR7onr8MLqH5REJcxwCE_vCM1ixv7XR1A2ubv5N2U_eALMiyAmm_k_2zMpSd
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2

200

report
sync.teads.tv/um/ Frame B864
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPlMEPAVebI4qulMK2jJbOU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGNwYnIs4XSC72clf34X9zWYGGjCVuoKooaDxn9raVRo1yDs7kLTo-Ew9IHW__lQy9LfYQHcszlYaSZJntkLq8mzOp9okTXC4A
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

56ms
44ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 17:03:45 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B864
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb2o0wXwBHX3iIpBcKb...

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb2o0wXwBHX3iIpBcKb34rL1DHj6seTmj2t3eNjX7EvBSoO4r_JJeAT1BL-8fBcJ266JFKOUrqnyt5wR3qSd0ig

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 24d38d48-9b7a-43ab-acf5-ae4f19b03328
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU4OTI2MDc0MjE3MDk1NTc5OA%3D%3D&google_gid=CAESEEKc6U85Vw0BwX6v6gWg2_g&google_cver=1&google_push=ATf1kGMUnIZbZ3eMb2o0wXwBHX3iIpBcKb34rL1DHj6seTmj2t3eNjX7EvBSoO4r_JJeAT1BL-8fBcJ266JFKOUrqnyt5wR3qSd0ig
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B864 0
12 B 42ms
39ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7c_t_q9NpMx37TYFklXjXjZOZ6L-ilrPMUDQDqcD4RIYMNrt1KBMPYJLLuywZacZ-xtNKVIY

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 58A2 3 KB
1 KB 38ms
36ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 17:20:33 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5FAC 34 KB
10 KB 53ms
52ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b78a553f48722fc26fa9f8f3a4906222c3378fc89a2b6f0ed6207d8f95a8d9eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jun 2023 19:41:04 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9410
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 21 Jun 2023 19:40:34 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 298D 0
857 B 44ms
43ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
AN-X-Request-Uuid: dbcc51b6-8bd2-44a0-a414-5ea13ee7fe54
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6349 0
857 B 77ms
77ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
AN-X-Request-Uuid: 65d02658-9e20-46da-a3d4-4075a13b7c34
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AFB4 0
857 B 46ms
18ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
AN-X-Request-Uuid: 80d528b0-d099-4526-b84d-a678795a96a0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B420 0
857 B 54ms
14ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
AN-X-Request-Uuid: d98f6b2d-c427-476c-be48-54f2407a6b1b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 808B 0
857 B 49ms
16ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:44 GMT
AN-X-Request-Uuid: a5484b16-c117-4de3-b4e1-310f5621446a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame A6A2 3 KB
1 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 17:20:33 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 130ms
111ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=___de_1687367023626_624573176&tJ=CA15795,CA15771,CA17813&tQ=par-correiodopovo,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F6E2D93645B0631970241E403&tX=b.52&tY=1&tZ=296305320
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3543 37 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame 5632 3 KB
1 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 17:20:33 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5097 14 KB
15 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5097 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 39BB 14 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 39BB 15 KB
15 KB 18ms
15ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900013.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6003 17 KB
6 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5760 14 KB
15 KB 20ms
18ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5760 15 KB
15 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 16CD 14 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90006.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 16CD 15 KB
15 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90006.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 18:52:01 GMT
x-content-type-options: nosniff
age: 166304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jun 2024 18:52:01 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F91A 3 KB
3 KB 28ms
27ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6810331&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6ae2ea10b0448efd55a52068cbb016caa14e464974bae7f0ebbb72159d210648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EA9 0
0 51ms
49ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0t9m5_weuoROZi-qU7roLXIA3jMpELPv_nGobxREn_cTg1rIorMlxU1yBotRecHBveKt6jnDr-AiTPVJ-ZwwhUZvQ4Gr-UU6lnCCcgvbPMQAjQZNwGCuCRuatVHvqdh3G2k0elsgyZX-Tl8Zps0LpieDXMoHeaC8WXywEw5SKbgwAM-9LIBStcEuTn-_gx7GLyVrLkFrKsjJhLATydvT0F-QkTf_aipIOfeuBad01--HYcjWP3qEYfdXphEMX0d8j0mvxBEmc7uxSFgpeqinAEI5HjfIFmZykidI8IXhseen7RAM8PSAAP41lrufjf-XjQ2y9CVMAvccR_LulhsdhSHEvBaVvJfvwBcix98SSDzvCbFAz7xyYcJ82v1RQnhUtxP6IZA9xQh2x_OvTalFQ8qDLFsKb3NAESQLFCYtTJ0zLEUM96AdDjIVJsX6JvFHVN010NEDEiePnpzTqCSpYZxILhqo7e7v63q4ArM9Ay5aB_Vf6rG3js7HP0IN0aZJ-DPSu2-OP_cYyuncI6gqZtg26Qle6ByyqHGXAZjfsojUGk4xXX-f1RmdduFMoKcavfzusW0wS1zTz0zuUjeiNXhB9i696_IY4oMOYjRuQcjL6BvGIu1nNlFk7tohXi_AhzXtgqgrKu85IVRQ_x9FvCL9aQ4vKDg748Ym9oBQr_7Fwxh-59D6DQH5pxdKKgcyl95fXWMVUxvJFOCtUzoOpuKKF8LvyWO5-Pqk18PA02ttMiQtVQWXDwKbHJcYdX-ofDHQ721ru2TTBHjrEJ9sMP2KvlKHRJLXCCTDJ9GUlt-TKJ27m5QjlKRKGOJPi0ieaVCj3oCTI6qpbpofsE5m5oJf_ceBCGHJ34IVnPzVCZadViE5PhAp9HKmrx8LzaJSWHFyt7q94OYZQgeTCVdWS2j9HCERvTGy17OB_qnbYW48bHNyoyxeN5UCoA4NtgXD3jMFbOzJIYIgV8qvMDzgSANzm1ihZFcsSBj4dnQDSbWsnLH7k2GVdCfjp5gruZJRHT4-HwsZnU5b0zuRdssD7nWMCFrE7za8NAPNEiZSweLDfjcoz5sUoOKk4prI-SEqZ0cuOeQ-fHtJTZp8yK4RUQWECMPGoNZuO2fS_CWV1Ckm2-JX6m4K_rAgsFSXeEE1uk1xAM8pQpfknVQlBFuaGhQlW1a_Q313vAS0OtxaWvzSRQtVhbl3dYuty4Ne97QrUUGa6ZvlwlXFxxVbjldPjoWdDYgp1IB3JZrYXC6UJbXlab38i2U482AbjppgJHfNT-OVNPe-BPgEVRa3Y7RbGFSCkmsluTI2NlwZYZKqqth1ehVtnVC2eKmBXXCN8r4xWBcAWD1AcojJfP3QtZDU73kE8Wjav3CY_9PJREQmZqKXaj12xhjI-jRaYck02-oc-5BlTcLxBWrM4addsGZ6z-OYYlvxni1J6IgpbBfCeJuo4v6U4QrBPjuCglMU&sai=AMfl-YTVPP9lggPXEJ5GKIv26AjfHEXVh4LWOKg9bduLCY5h4OLnNwTLIxxo9sh5AXnjUXLXUctCe4qi6s91vtSz0ytGbz92b934ksQoPvT1UDnDk4v4swj7ZqYig_TKm0ZgscPPr9pwkC-l68AcfvNCcmQk2fMFZCRfRNtFonVh2kNnI7EXoBXds7nonL9oFGV8uHlmw49WQ-3a&sig=Cg0ArKJSzLJzuCIzPdfwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1550&vt=11&dtpt=1022&dett=3&cstd=522&cisv=r20230615.47078&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5052 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame B646 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B9E 0
0 46ms
46ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdUPjfU63KbKE6H6mA49BrnRuIDj25qFZYFJOkkTjqdDc6FWDy31-AU5tOyGy6zrQb3-6fIhaFi_AIrIIFOV-qlKqtBi7iB7M6F_oN741rbC1liqLbp9t-tH96jw0cvrjX7mYsK-ERu_RynIK1ArXj2IVDcJLYyJVrtSkF1crpwi0qB1QKP1bnsAG29-Pytn9Zp-fFPiFIIixGquTTAN29-iwVtOX77kmMDoeXjNYim42EtjwtBI4vEZBSpTRItLnckI4M4a374ywds2O0DakfA0ONneaAI5DZiDhgfNGHoCNGsZ6jm-Mw0JbJZbK_2rlNlTfErR_VF8xsoBauL2ASDTH43C6agAZ9NtK6-14H8oVitb6s0M7w4Ry0EyevZYbp5Z1Pt-zgmiwIl7SUKEI8HRxKx3ZovHYNArV5AdHzLJceNGeX2CyHxcdHMhy4skmQz0bE3RTJMZWUsIh5AAcYl21xY85Xho8do0POCQLf59EbMb7dTWRsCWN79e8Wc2lHMG8QFJ-4A8Alq-DIZ-CViO76r0D6eLJS7K2qYJ0pVSvmPbVfvC6lALNok8FPCXd5770I1A8lYJNUMqFJinGbdQJDysIcHMS0GgaxOEchWXbhcm4afdm_tjvSkkGElWCT27byvImuEGfaqYZXGW9ABNTEWs9gYGlff20IFxiOnDQOstwg3cjyC7ZjxTd2u_10EhyWwAAZH9vHTG5Xp7horm2EsxdLMqwigM66ugfZSiSzYHGrOsQ34eoHyF57lkG5TL7tJ3ANw76TVvBofbpiFI6bS8oWmH3CbjulDmH4BQCHuNI8cx1uDb0i_pL1ytAvyB5GVgxFw8UDtMOgSialV50YP03V66QALtqdrIuFRtH8ODJdeMRsAtRUr5fKFvSL4pMbsXyQr0j_8CKIaHEWRmoUKdQsTOWrYSkvpOmUIhVP5P-q31jD1i0VIoz7D8jVEHyxSH1Pqv5FIUy5Sf0fv3cSCiw7g8Ik0U0V5Ip1Ak90ADXoV9DCvHGv5GpbN-5ijGO0cCeYFI569XSrWmaoSJ-CJYlznCp-oqrmoWLTep2sPtrkV1pXnCOh6uG1v-U2FxoRV8KG4Ddym-t5XL4KGYYAbfnkOGvxAx5VJ2uPGD1v3x_bv0R5MVgfnZaG8rlbb1A1ohFCsF7jcqbkAFmu9SH-RieIasJVrpYltY9SjLJ09xLAZRoNt8axM5K5YES4_lwoK6VPijEPxJTFiGDLiUN1L47X4FAXTjUsPkogiJE4DHfAPWQgs7maK1AZuKSvb5TwuZ7cVs1OFtX8Q7TdzuE87WUA8sf9UiOOLSXkxwg_ohr1LXq4QzdiTQyvsBRJy6a1Zu5jY7xzL3d5Fw4_PgwPGflW0IPXhOirMRK-61C-L6YDaiDwhyfxtxNEx_dNDpVg80cbplNJha02Cy3io6NBCiW7TxIhAoXHhGLEklG1JQCCwQK85Jcu4HBn38Xn&sai=AMfl-YRuP1YFdfI5u7ktyeeWb9xENbohnAatxefmdJ1eu_ATrelCbpeBuVfHhb5K7epR1JaTmzAqHlymL-Tw7fq-2CqIwBRchEuuL_2owpAvcqx3x4b17Aktc7h50X7zsLP16gXDa3caRSrtz_oyC7hPpO_9srl6GUtdfmHoL3sr1BF9knK6owZMY7KSoNJ69F50jLZhPQrhduCX&sig=Cg0ArKJSzFYmEWH22N6MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1594&vt=11&dtpt=1127&dett=3&cstd=461&cisv=r20230615.79512&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 6003 98 KB
98 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:01:39 GMT
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:16:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 6003 57 KB
57 KB 11ms
11ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:52:59 GMT
x-content-type-options: nosniff
age: 646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:07:59 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4B6 0
0 45ms
45ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJVrDH6rkVb8ZHkB1-9I8xMckKn5fRdEgomcdfF2iG_R204Ed2sIF8tbU6c3ICVksnufngRspYnd4bz76416PsXWpxoqpVhiLQ5ZnDpsm_qGY6hD_WqyUP4KazR5ASV9AAnFyPd0ZHEr8CygjXQVCvSIP8thPfME9rVQ-MHKuMQcDAoGVz5bW7JBWFpBKfeW2nR-Zfkv-4IaiGbxxuI2IRArYPE0Wj-OHc0lSrtlyM311y9XNHSbGfl-RU2Xsy_jaLQTyHqg1sZWfTDqWSAXqiaUJexI8vvJiR_IVt8ZtkEg8PojeCP5o7fsdXX2qurbzrwv-i40zxfEvjcGWiQMfemU8EysY2IvHnmECxLMe17iu_CFMMnl-2uJpjldVyQS43Y6Q_h5IPs8e5C8GKjuCUI095AuWoNG6bWgeyYuYJbCvaeO1utIfnK475ZHuDT-3NJJmE0c1BUmVz6_mjgW1ZAx55oOE7xI9or6eU4Pb_RG7UBZTtGJh74YBGE5peePiB1E_ST82Yy9fLWokiQeGc6Ct9X_UUNvQoZ7aGxYFVVi8H1TBvtsfJGgsL2ohh89MgInOlqBXvNENb19P8r95b_GTzfwEBR21slvQZwK6U_TWYo5yj3G-DUK5L_kILNEB6d8Wb_u-4gn-ut_RQLcfPIfOwxF6xj2tGEXThL3ZHbJX9GYvMyKTQqsZ6YQqv5j67W7u9M1HC4T27P_ku8Opw-5go_Fx7xjXLZkZC1zu-oTBYEWrnOSOmO5F_ZKtLh5KEFZ0BFNjCRmKHQUr88tVkPgd1fwEdU8swu9ag0sKODnM67G-Yluv9uFvrpLPMdsvRmu3ZWlWAA3u4Q7UDQZhKyYwF1DvGmcdjhUW02iJQEkmIUpyuHSq1cfJnJE0LsRVuJeESp4FBT8KLDgxHRL0gO29eHvOa0Kku6zZUasjSyEnPBhsN79WnjJv56p-42p7Jv4KcYY7rIn2DexKCCevNOLIFsUlDeNI5opo45GrZ0KNrIvx1K9PqnZfVaCv9SXBTyGzYBURsTOEe66x6fjrSPpOYMYnaZjq30tNLVzie7bStWFOces_bki_tZbB0RZKJ5CFH11LLw-5aKU0vsn_8H7cqjMyUomH04vrr8dWEE37e_3r_2Tz0NXM_mltKybeLxzHUBfxhuJJ9cHn2Ym2s4dXNLtSvldFLqttU_bTfKUXCmN9R89HbSSCII6Hf5TJMBVzDH1LHx7W5eMaFgTVPtpCVJhldWtlrtzR8nkt9hA3j1gmCPrU_IjFMYMTUzCtpyeWnhl7FQEC0Vmb9UVmT4wNVAAtLKCmIrAQv_6AtF1s-5si0Gv1zEL6B3qhIL4eRewT0jgVnMOxwR7rHUWcWtjXerl5WAdDcIRXaHdfjqFuWeKYVbLwCJmSoUX8pnbD2u7RQcqVYScIPtOWaNpz0W4SXqcQ0b57iALX7R4JAyOB77UyYg1FKhNz3u3pok4qD&sai=AMfl-YQG0Zz2_vf-saL_CVN1Vqm_48Vm_D0qrFWmVParC946Q1bzPvXL8N5c3qEJUat2mahx7P3r5-Je3SmyPcDpK3jbYEOEPdBu9iVioQoSTWO23TKXJ7L4EvkLff_mID2qUdrS-f7uPEVJnqmFdAlf-q9j2rOd5deaX9uAtnL6jkiE7esrMv9sjNJ0XfJRu7If8iENuP4HcK-2&sig=Cg0ArKJSzCIeTxzk5LEMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1601&vt=11&dtpt=1125&dett=3&cstd=470&cisv=r20230615.01955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 58A2 13 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 58A2 7 KB
6 KB 52ms
52ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f22606167cd85d42f36495b550a21c461db75221a0edfaaf9ab9c67edf18c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5728
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D7 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7713214283519&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D7 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7713214283519&version=m202301230201&ct=76&x=1&cor=10987406926177438000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A9D7 94 KB
38 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlqBEPPPFslo7v-eSO0SuVrADmEh27hub97q3YAvdCVMRbN4rGVqDBQ-4yXmoRaIRZxFSurW9l_4MGweqzRtoUC7sOccB_mg_jvEELKyWhavCkeLPHK8HVi79MxhE326j8wkOLGeg9FTtJbBVleA1rkS3J7tV0obyyJHU-QmfeDmba4Sw&dbm_d=AKAmf-ChrfW51StkoHZ-v3xo-ZjwKpKve2-Rep0VRgONfmrDUgGgMOo0KHU_Slw3M2pk6M8F4DW0CoMPWv72B2F8-0_8X_7r2baFCRlyewUSASCx38M1k2QD8_MA0SPXSMQ9_0lrjalXYq8TE8Ok7ydQlao__EoH6PLr4lb6PEQHYTQ0oWyUy0-QtN73IQvnyrwvWlAQ4LygrJ1wjD-yDCZEFxvuix21lHJ8EbFRDVV5mbQ6KX8MHrVXr1GXIixJrSIcianV0lz_k3lgBj4Gb_91GwkAP30JvvFNdFXYiJsJ8XFGv9rq371NdIpnPRT3yN0nf0G1v0TQt_24jDNOxT5HVH_gellCe7pH25PO-SIy_hxfX-SYf49kv4YCYl489JKxBYbbsRwMbtV118hnlLDiQ5lao0szL1REuGEe1VHBPwBoiBJD9aKitYXgwokahmSVH8SNa4POVZGiaZ60Cq-PUH2OOYbmEqbNTYnhndaEieM9zW6cVIeLgxNQGV48sp9JhxsJLsx5COtTO1VUdzot3LOWeo_hnk5YQ29sc9xD23KRFRu4av49RQJIW2SuSdo8lNfQWtm217QAf72rraOcKyMsn5TDptx85gizmio7uC04AhEWKXhpi0pXeHKtivDfED13AQ9C9jU100KRVYVwAgQXdLs6P51LN0087uWQ-zFwINg8h0rEiPv-Uh7d9u1IOJl4UApNcL7MLOSfa_tgrkx4nDoqx0ud7VVNh1riMg_zHrM35g4jAJ5xZp27d98E3G65KXN3Glln32V-2ICxNgcT4TVhQsvJqtAZOvsdjkkNTs2EeuuNz-BD18LSsAvURghJ8tEgjIWEWx-DTN_IvajNhX5nsLIkm2Nlye67VPkNsZJOEWWCvIVMXdjUgG4MpTat9LAK4lwfMBiMNd6MQO1XHrMxMkyWhH--DKfkzC2x6OHok00HtGtOD8SNNSluWDcPRjQ2i_KhghhCJ1kKOHmMJH69GfFUTt7ea28m_MLVd-0hyY-FbQQBHpG-Mw2ES8T_vEoQcHc6H_BVAaYmQwxz8u-zC76kAVb8PusfTD_blMlMaqQNc36VARilV5ETx4F86sf1_DaTUnewuQNwcCDp6M0Fy_K3qr1p0PBUvgk1uhPnXew4Y-ZSMMiwz8-asTGUHgk4w6LF3PT0zh6IpvI6xHF9JY5hS8VIHd7Btrp-8xDw4tMHriXW6Do1fcXXxrz38ngNUUHbkvNi2PyRPGZdQwcZ_vhnWzXvrOYisW10zuu9ltHwN3uYMsgr66_iO6UF-4RDsYUFGFDLNqrb4jmBLafP-QHVw9A_Y8ZMMxIaRDQJB8ha4PuEbyKQG3yUzGlK646mBuHhSutDE-qD_7kxXL3hiWfurMyUzRUlIM-mcS4InxDHlQ1393tcmNVMUssWUxuunilKNy2DEbyV5MNH_9fxy4ZDTFhbZELlw6Bd5YHvTfTNLjM-Xt-jc2auu_qNa_UQsz0085fmrp9xPKgt3cckOfb1eaARnIccpk-eJo7mZbsKKTpxsdAvgDQZgz9IpRJ-PFCm8x_f1ey834hgvix7jugAfdO8RXbogYwZwsTEl-0vrsYiKr0ppg6UwO388uUQFf5-iN89QzrmS5T5f4U7JSq0eoL1VF4hMR8huDX_gZN3mxpKfeflk8IqU3uXZCn99a2sHOgDVsHqTmvwSccj4GXRXZ2eAauVf8UOAUfsqU3nxs6MIpOv6xqD2vmqXYZrEK2e0Hw7mo0hA5egkrf_-uA5obmboK9dtMmuR4RLEd728GWsia6gc3arMXM-qa_JkjVhAKZGjwJ9UEeChzJmcK1oO7RN0MbP-ORgISraHZMhPx6jReHy2SnGwaoOX6w-tqO2ytolmuDVsCmmKdFNFBxO7DNELdak1hMaYDNe11tUIdtZBfFeYKUwp8Yks-FSpDSZ8gC1p59HuxodTOadXszBO_41qPeDMB2Wk7p104y-ZAqfBCyhLmKPkrJ6zeofOTUd_IpMOzpOnXVrwkwET4GdiOOcuC_xuw0wNfkpJN-ajZRonl71TDAVa7OIH0m0T6MrbPsb3tGy1ENR2VxzwMZJB43R20Mw2asfN5S-iwppFe7HX6rMLFrSBg4de8Jsx1SB9yU4ojsmVQ_BOE0mvq9ofrukxXCcUpsyJ5pgZ7ZbbkoK1cw4ZQo1Uq2RVN6xJE9GCMJsAVXzInd6h_XqxI5aV9fd1Qa5VMIP6gOdxfQzym0AjRsoTyR0cVjvt97pGOQX43CCTEYhQYs1_Ae5TTxFSGGhP5MzzDWDTCeKl2cIfK2W2vri1eOUzhSK8xtywKnpy5TXfAVn8DhB7667GNgdgxt80hAEbHqAQ3Ex3adpZ4uP9wDxm9QCTJV2SBTSfwhRWWkewvh0P4WLMYIkmwfo6N0ac_6VNciJMUjJX4nrGcP04a79G3lWo7xpXgbMDz3le5ZonvZwgayXSGOM9Q_DmEOCT4zY5oNnLUnV5UuVXYA27IFck_dB6v_HxNfytDuEPqjZELrUH3ZT5bRBpLuHYBX0Ea-resQjQsA6djoJbE9j5qXksKoC-AnfCaic6A6yTPRef0HNp4kQgjdyzI1MNvN4sx6FYtcejMQTTq_mfmOQo5pvsDEgfCBwlT9wFdpnmeNeahBxsot3HWf3Pz_fHX9MDWXNiRLbQ_PaqjChZ2uai7Ao_TZy3Vkj29mwKuEx3wHPMIBnGEARXEQF3hZsqsgMapH65ldUHb2XyfGF0g3mH1H0ZfvhK69ZTkxjtI5CaQocobqdy7d577VKwoZjG-sh3bfrj5SnNIBjUhvjK-XpLykWDqPFYd75z52DIoERFTXlhWCvuNsYLqKpm3VPtpdV_AUfBMyHzvFY0nF36j6RFTlTcwtzcY0bvVgwM9NZQ3ZDmCLw5FjVM8e52oNVr_xf-M85bmtvWRATXy3uzujlLBzL2rgMntfBGSYn85P-z2JxOCe_X9Sr8IVbQtqeOZLZ0ElfOu5WIhSQwZ8W5Iu3YB-phziSMYktqwVFoWnsz_v0PAGlZ4sVHLSCCcGXPJQ8Iwdl6IRF3nn4O8VHttua6WJ0hR_O7DZOFnRVwrPGF9SP1Wv8-IDy_6qP1ItqHcWo3pJ1lsuxQaDTmuqF45GWNIm1N02SPmv7HLVamw-ZGMVAHDIFWFqjN4M863PdItYK14CcKPUwQIlP3kiqMZ-7DkAIHtt0emfEyyriINJSHSx9Oplx9q6YEoCzWemgN0PgsT4MmQOkSoWHUayHqXx2odEMynGEhDhno8adsKNjeB0jtP13e4mLLtYhrxDa-Lu1OL6J4qV6Sd0f61piYWh_4FlIUaoUMBzT7-NoyJhe56Wcmk-ALwFKOuiVsyoto0S5o-vjnwhPeQ4cSjt5urpoxnsBoNPi6M7rM3FkJbgDNntFu39IZEhlMdn-Wr_FH4TrZhthMr2nXFx64WMnKWrgpryNN0SJ0SDojWfgIdCoJwIf44-UWwaACFl6oORK-siWwxgKQdk6ZdDRTzJ4okgCs7cT6kjydTqpEJSZOQ-vYV88w_vNkwpjyrzoS0Z8efVDNzECJ4vNeytZslnRZ3p4aNBKwq4sy-xC6bfyUpwQRc3bB5IBKfPoR8BNZzCbPNhFha9wuYX-PmtpsLAzVGFbzDvfnZ-M3tMyOmoTuYTV2SbAcFw1rCjUU57p7PHz8gzh4iWU7MMEbI7ReaFYjgCS_MWhZZ_1tXIfTjuNEHHNRQpD7UDxYI5dL-0ppniV-SC4onSxHgE6M3e5bGEnX7l-ZQIP84LOC30aENu3BtUWXYufvpmjiJ_hFqKc6S_cvm_TpOCe_xt0-7h80WlJBcQNlIgCSNAxqa_qjr54BDxR6IRu1pi5ECqZrCNSG3gNVKOw6EUtLzHYrfnlw1J9MInmhnrVKwrQnOv4Oz4v&cid=CAQSOwBygQiD0t3ORJh3Rh-EiSSZbnUFiyetoazrPXywQZ0yIaHhLuM1osKi5EJebQG5hzizklDK_EPAi0k9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=10987406926177438000&adk=2766597781&idt=175&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9374f2b19469d298314096fde1b84c5a8defbabbe44f5a84ca948d30f874df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame CE51 27 B
558 B 182ms
110ms XHR
application/xml 198.47.127.206
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,&us_privacy=&cb=1687367024671&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.correiodopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.correiodopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-6-21%2017:3:45&ranreq=0.5689331590552937&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022781,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.correiodopovo.com.br
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame A6A2 13 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6A2 7 KB
6 KB 50ms
50ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867068c46a5addf7c8061a851481ff99575cf72c38e20ad5edaecf3a62b75eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5650
x-xss-protection: 0

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 5632 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5632 7 KB
6 KB 55ms
55ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a260f3124491308053529db6a764eb5ac31941cc6278c821b7dd630bbf26f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5653
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 24ms
22ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1687367024770&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=68658511&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 24ms
22ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1687367024770&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=68658511&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1687367024790&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3561787167&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1687367024790&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3561787167&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1687367024759&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=907342667&rmt_tld=0&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1687367024759&cv=11&fst=1687366800000&bg=ffffff&guid=ON&async=1&gtm=45be36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&frm=0&tiba=Correio%20do%20Povo&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=907342667&rmt_tld=1&ipr=y

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8922 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw92QbS2TZKj-J4ym9u8PksaH4AkAAAAAOAHgBAI&bg=!HxylHEjNAAaGYqkwpmI7ADkAdvg8WtuY1w58bN1eGblNA6BSEv-LatLacrVN6QAq5DbOEBQrMAgCDiDWDmCXrihlmTPsP3JU0hQCAAAGVlIAAAAGaAEHmQMeJa3sQqVG0SL46MjWf3teABs-QxlGZ_-1uAgMcHutGFXpSD2u66Xxf-adG2fqpqKMepqw0qdnsQsSqMTAyIgRKFi1hnrG_nmnVYaFW2At167Xj7vLwHqPcA1cN25C5PA8chX-brr7x6RobdomItmGY_BYNlOoyMzRe1Y-cSBUvjnqaM8ruPtw_6D3XJ5XuJLw4OdQ3OCHB1yHo9dclzzJZugiBUKdzyYoBlkUERNv4lmRnpwJSCWHl49-TKiYX4GYRfIElQriMMmFwUwIQ-9jWzaY0fayBat3H3ugN7uAxw7USHQ32xDU1Io5IfT_zFhkERHPusj85-zcE3RNB4jr6mLYoulYpd_Bb42d_jda805TaBdi_Xp4z4jJ4_RMr52PQqfU1gYiRmDZknx_yoF7eXB4zXhjKbKs93pA0kwwgDodo0C5m5LZfGmTBv1qjqFDcZcD2XQI0A3HWlJwrQNeFH-xRfTDs8SBWI_N6W9tyiDu_ImkrK3iTNXRPYfJuJ5xOV4vvqvnEGKSddTiNox6LDdiszHuPEZTLHmu4iVYhEcgUo4ro0r0kxrjgnccTzK-eq-0x6kkYp3FnOdqiDZaC5ZZDeRYefdF_aV_iIumDA3Y2f3qJWzByphBxzK6BIZohri-JAgTVTeh41U-ty7W2F3R5qvaf37EZEMM02JmVMGChusLBnFz4alITHbighz2rJ-5b743YcfrcG3tOmjLgJglH6uO8rHTaHV-dGHERJGYyHsRkaWlFgRFVmPElpI5-4Kj7ZmtryK9lftRz09EUb4Bmhe0KbNMZiF8OAXAoxDFrdsYqt0zeBmW6lqHGG6df9ULtS1SEBT5rJuTzCKU4TxE43k9cpoT1KJsHsDatEpjkGczP2ZyDmmasNRr9SZIxL0xI7ghJwg7gN_Wo9K3FgW4bmU7oUPnku2pW_LCOCZpFje7YyI0pm2t9HcvxH43emrbaB3gkBSy7Dpd6FPD6Q4328MpATLnthgrLLpVKvMY_ReTH2EZB9G2XJpStbGbi0NwHnY6Pq-5dMdLPOy6kunZLW4umfvenbWnJlwa

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 864C 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4817185762602&version=m202301230201&ct=76&x=1&cor=16947687642965395000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5FAC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

43 B
855 B

118ms
117ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PHYK7JNWE3G13EJFMTAA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:45 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RGM6CCVN26TMEJK2990H
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5FAC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBKxB3w1iDieiQRG4m2--gs&google_cver=1

0
239 B

20ms
19ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBKxB3w1iDieiQRG4m2--gs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBKxB3w1iDieiQRG4m2--gs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5FAC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ5YRA1M-1E-3PVT

0
650 B

161ms
121ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ5YRA1M-1E-3PVT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 418BD96F3725491DB04C65FD70395F08 Ref B: FRAEDGE2021 Ref C: 2023-06-21T17:03:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX+psAvJW1lYPj/NvrntA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJ5YRA1M-1E-3PVT
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5FAC 70 B
264 B 34ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

BhGWvaBYTBfCyPSw8Ml65Mn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 5FAC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/BhGWvaBYTBfCyPSw8Ml65Mn5EUdSAgOZEtemQ7w0kco?csrc=

0
530 B

34ms
33ms

Image
text/plain

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/rubicon/BhGWvaBYTBfCyPSw8Ml65Mn5EUdSAgOZEtemQ7w0kco?csrc=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

Redirect headers

Location: https://pr-bh.ybp.yahoo.com/sync/rubicon/BhGWvaBYTBfCyPSw8Ml65Mn5EUdSAgOZEtemQ7w0kco?csrc=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5FAC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0kT2ZPdoRzeP_1MTqa4ZPg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0kT2ZPdoRzeP_1MTqa4ZPg

43 B
479 B

39ms
39ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0kT2ZPdoRzeP_1MTqa4ZPg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FZ3PSRR0SCWRMQZQSD0D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0kT2ZPdoRzeP_1MTqa4ZPg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FAC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEo1WVJBMU0tMUUtM1BWVA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FAC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQyZDVlYTg0ZDRlZTMwNDg1ODQ2ZDE3OGNhMzUxZmQwZTRjNWJhYg

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQyZDVlYTg0ZDRlZTMwNDg1ODQ2ZDE3OGNhMzUxZmQwZTRjNWJhYg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWQyZDVlYTg0ZDRlZTMwNDg1ODQ2ZDE3OGNhMzUxZmQwZTRjNWJhYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FAF 37 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame 7D2A 43 B
443 B 28ms
27ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 21 Jun 2023 17:03:45 GMT
Expires: Wed, 21 Jun 2023 17:03:44 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A9CA
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6984261806563861649

42 B
0

81ms
17ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6984261806563861649
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6984261806563861649
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 009D 43 B
363 B 65ms
16ms Document
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:45 GMT
expires: Wed, 21 Jun 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 268865
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2EF0
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559728343166208

42 B
0

65ms
16ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559728343166208
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:45 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559728343166208
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 56BB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=&dcc=t

0
0

228ms
226ms

Document
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 21 Jun 2023 17:03:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 31QPE36EC7X3V5Y8M6S2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DZCPFF2TBABCFRQQN53E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F91A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ylf2rg4ZQya6qY8XlDIWcA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

8ms
8ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109360
accept-ranges: bytes
content-length: 5554
expires: Thu, 22 Jun 2023 23:26:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame F91A 49 B
266 B 130ms
40ms Image
image/gif 34.255.231.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.231.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-231-185.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.166
content-length: 49
expires: 0

GET

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F91A
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2794372131
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

0
0

GET match
a.audrte.com/ Frame F91A 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F91A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0E1N0Y2QUUtMEUxOS00MzI2LUJBQTktOEYxNzk0MzIxNjcw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

17ms
17ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F91A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNwclUw68ELuBn7hfKwJeE&google_cver=1

42 B
299 B

17ms
17ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNwclUw68ELuBn7hfKwJeE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKNwclUw68ELuBn7hfKwJeE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F91A 43 B
409 B 22ms
20ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 20 Jun 2023 17:03:45 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame F91A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3753889245533002917

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F91A 70 B
264 B 34ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D449 0
20 B 43ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2970151933060&version=m202301230201&ct=76&x=1&cor=2503743497171652000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A9D7 172 KB
60 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/ Frame A9D7 11 KB
4 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlqBEPPPFslo7v-eSO0SuVrADmEh27hub97q3YAvdCVMRbN4rGVqDBQ-4yXmoRaIRZxFSurW9l_4MGweqzRtoUC7sOccB_mg_jvEELKyWhavCkeLPHK8HVi79MxhE326j8wkOLGeg9FTtJbBVleA1rkS3J7tV0obyyJHU-QmfeDmba4Sw&dbm_d=AKAmf-ChrfW51StkoHZ-v3xo-ZjwKpKve2-Rep0VRgONfmrDUgGgMOo0KHU_Slw3M2pk6M8F4DW0CoMPWv72B2F8-0_8X_7r2baFCRlyewUSASCx38M1k2QD8_MA0SPXSMQ9_0lrjalXYq8TE8Ok7ydQlao__EoH6PLr4lb6PEQHYTQ0oWyUy0-QtN73IQvnyrwvWlAQ4LygrJ1wjD-yDCZEFxvuix21lHJ8EbFRDVV5mbQ6KX8MHrVXr1GXIixJrSIcianV0lz_k3lgBj4Gb_91GwkAP30JvvFNdFXYiJsJ8XFGv9rq371NdIpnPRT3yN0nf0G1v0TQt_24jDNOxT5HVH_gellCe7pH25PO-SIy_hxfX-SYf49kv4YCYl489JKxBYbbsRwMbtV118hnlLDiQ5lao0szL1REuGEe1VHBPwBoiBJD9aKitYXgwokahmSVH8SNa4POVZGiaZ60Cq-PUH2OOYbmEqbNTYnhndaEieM9zW6cVIeLgxNQGV48sp9JhxsJLsx5COtTO1VUdzot3LOWeo_hnk5YQ29sc9xD23KRFRu4av49RQJIW2SuSdo8lNfQWtm217QAf72rraOcKyMsn5TDptx85gizmio7uC04AhEWKXhpi0pXeHKtivDfED13AQ9C9jU100KRVYVwAgQXdLs6P51LN0087uWQ-zFwINg8h0rEiPv-Uh7d9u1IOJl4UApNcL7MLOSfa_tgrkx4nDoqx0ud7VVNh1riMg_zHrM35g4jAJ5xZp27d98E3G65KXN3Glln32V-2ICxNgcT4TVhQsvJqtAZOvsdjkkNTs2EeuuNz-BD18LSsAvURghJ8tEgjIWEWx-DTN_IvajNhX5nsLIkm2Nlye67VPkNsZJOEWWCvIVMXdjUgG4MpTat9LAK4lwfMBiMNd6MQO1XHrMxMkyWhH--DKfkzC2x6OHok00HtGtOD8SNNSluWDcPRjQ2i_KhghhCJ1kKOHmMJH69GfFUTt7ea28m_MLVd-0hyY-FbQQBHpG-Mw2ES8T_vEoQcHc6H_BVAaYmQwxz8u-zC76kAVb8PusfTD_blMlMaqQNc36VARilV5ETx4F86sf1_DaTUnewuQNwcCDp6M0Fy_K3qr1p0PBUvgk1uhPnXew4Y-ZSMMiwz8-asTGUHgk4w6LF3PT0zh6IpvI6xHF9JY5hS8VIHd7Btrp-8xDw4tMHriXW6Do1fcXXxrz38ngNUUHbkvNi2PyRPGZdQwcZ_vhnWzXvrOYisW10zuu9ltHwN3uYMsgr66_iO6UF-4RDsYUFGFDLNqrb4jmBLafP-QHVw9A_Y8ZMMxIaRDQJB8ha4PuEbyKQG3yUzGlK646mBuHhSutDE-qD_7kxXL3hiWfurMyUzRUlIM-mcS4InxDHlQ1393tcmNVMUssWUxuunilKNy2DEbyV5MNH_9fxy4ZDTFhbZELlw6Bd5YHvTfTNLjM-Xt-jc2auu_qNa_UQsz0085fmrp9xPKgt3cckOfb1eaARnIccpk-eJo7mZbsKKTpxsdAvgDQZgz9IpRJ-PFCm8x_f1ey834hgvix7jugAfdO8RXbogYwZwsTEl-0vrsYiKr0ppg6UwO388uUQFf5-iN89QzrmS5T5f4U7JSq0eoL1VF4hMR8huDX_gZN3mxpKfeflk8IqU3uXZCn99a2sHOgDVsHqTmvwSccj4GXRXZ2eAauVf8UOAUfsqU3nxs6MIpOv6xqD2vmqXYZrEK2e0Hw7mo0hA5egkrf_-uA5obmboK9dtMmuR4RLEd728GWsia6gc3arMXM-qa_JkjVhAKZGjwJ9UEeChzJmcK1oO7RN0MbP-ORgISraHZMhPx6jReHy2SnGwaoOX6w-tqO2ytolmuDVsCmmKdFNFBxO7DNELdak1hMaYDNe11tUIdtZBfFeYKUwp8Yks-FSpDSZ8gC1p59HuxodTOadXszBO_41qPeDMB2Wk7p104y-ZAqfBCyhLmKPkrJ6zeofOTUd_IpMOzpOnXVrwkwET4GdiOOcuC_xuw0wNfkpJN-ajZRonl71TDAVa7OIH0m0T6MrbPsb3tGy1ENR2VxzwMZJB43R20Mw2asfN5S-iwppFe7HX6rMLFrSBg4de8Jsx1SB9yU4ojsmVQ_BOE0mvq9ofrukxXCcUpsyJ5pgZ7ZbbkoK1cw4ZQo1Uq2RVN6xJE9GCMJsAVXzInd6h_XqxI5aV9fd1Qa5VMIP6gOdxfQzym0AjRsoTyR0cVjvt97pGOQX43CCTEYhQYs1_Ae5TTxFSGGhP5MzzDWDTCeKl2cIfK2W2vri1eOUzhSK8xtywKnpy5TXfAVn8DhB7667GNgdgxt80hAEbHqAQ3Ex3adpZ4uP9wDxm9QCTJV2SBTSfwhRWWkewvh0P4WLMYIkmwfo6N0ac_6VNciJMUjJX4nrGcP04a79G3lWo7xpXgbMDz3le5ZonvZwgayXSGOM9Q_DmEOCT4zY5oNnLUnV5UuVXYA27IFck_dB6v_HxNfytDuEPqjZELrUH3ZT5bRBpLuHYBX0Ea-resQjQsA6djoJbE9j5qXksKoC-AnfCaic6A6yTPRef0HNp4kQgjdyzI1MNvN4sx6FYtcejMQTTq_mfmOQo5pvsDEgfCBwlT9wFdpnmeNeahBxsot3HWf3Pz_fHX9MDWXNiRLbQ_PaqjChZ2uai7Ao_TZy3Vkj29mwKuEx3wHPMIBnGEARXEQF3hZsqsgMapH65ldUHb2XyfGF0g3mH1H0ZfvhK69ZTkxjtI5CaQocobqdy7d577VKwoZjG-sh3bfrj5SnNIBjUhvjK-XpLykWDqPFYd75z52DIoERFTXlhWCvuNsYLqKpm3VPtpdV_AUfBMyHzvFY0nF36j6RFTlTcwtzcY0bvVgwM9NZQ3ZDmCLw5FjVM8e52oNVr_xf-M85bmtvWRATXy3uzujlLBzL2rgMntfBGSYn85P-z2JxOCe_X9Sr8IVbQtqeOZLZ0ElfOu5WIhSQwZ8W5Iu3YB-phziSMYktqwVFoWnsz_v0PAGlZ4sVHLSCCcGXPJQ8Iwdl6IRF3nn4O8VHttua6WJ0hR_O7DZOFnRVwrPGF9SP1Wv8-IDy_6qP1ItqHcWo3pJ1lsuxQaDTmuqF45GWNIm1N02SPmv7HLVamw-ZGMVAHDIFWFqjN4M863PdItYK14CcKPUwQIlP3kiqMZ-7DkAIHtt0emfEyyriINJSHSx9Oplx9q6YEoCzWemgN0PgsT4MmQOkSoWHUayHqXx2odEMynGEhDhno8adsKNjeB0jtP13e4mLLtYhrxDa-Lu1OL6J4qV6Sd0f61piYWh_4FlIUaoUMBzT7-NoyJhe56Wcmk-ALwFKOuiVsyoto0S5o-vjnwhPeQ4cSjt5urpoxnsBoNPi6M7rM3FkJbgDNntFu39IZEhlMdn-Wr_FH4TrZhthMr2nXFx64WMnKWrgpryNN0SJ0SDojWfgIdCoJwIf44-UWwaACFl6oORK-siWwxgKQdk6ZdDRTzJ4okgCs7cT6kjydTqpEJSZOQ-vYV88w_vNkwpjyrzoS0Z8efVDNzECJ4vNeytZslnRZ3p4aNBKwq4sy-xC6bfyUpwQRc3bB5IBKfPoR8BNZzCbPNhFha9wuYX-PmtpsLAzVGFbzDvfnZ-M3tMyOmoTuYTV2SbAcFw1rCjUU57p7PHz8gzh4iWU7MMEbI7ReaFYjgCS_MWhZZ_1tXIfTjuNEHHNRQpD7UDxYI5dL-0ppniV-SC4onSxHgE6M3e5bGEnX7l-ZQIP84LOC30aENu3BtUWXYufvpmjiJ_hFqKc6S_cvm_TpOCe_xt0-7h80WlJBcQNlIgCSNAxqa_qjr54BDxR6IRu1pi5ECqZrCNSG3gNVKOw6EUtLzHYrfnlw1J9MInmhnrVKwrQnOv4Oz4v&cid=CAQSOwBygQiD0t3ORJh3Rh-EiSSZbnUFiyetoazrPXywQZ0yIaHhLuM1osKi5EJebQG5hzizklDK_EPAi0k9GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ds=l&xdt=1&iif=1&cor=10987406926177438000&adk=2766597781&idt=175&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:20:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/ Frame A9D7 29 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11383
x-xss-protection: 0
server: cafe
etag: 11247298741758554759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 16:23:27 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A9D7 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 58A2 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H2 200 track
st.pubmatic.com/ Frame CE51 0
91 B 99ms
21ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367026&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 6003 50 KB
51 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 6003 89 KB
89 KB 10ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CEAF 16 B
209 B 79ms
78ms Fetch
application/json 52.56.247.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.247.104 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-247-104.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 106ms
22ms Preflight 52.56.247.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.247.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-247-104.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:45 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEAF 0
20 B 45ms
43ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7325000046683&version=m202301230201&ct=77&x=1&cor=2923338633576930000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0A4A 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:19:10 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:19:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9D7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b68f94b247bdf17c5553b793534de4090357dc45268ddc559ad9e7b2c1960356

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6A2 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5632 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:45 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 58A2 98 KB
98 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:01:39 GMT
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:16:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 58A2 57 KB
57 KB 12ms
12ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:52:59 GMT
x-content-type-options: nosniff
age: 646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:07:59 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 298D 0
857 B 16ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:45 GMT
AN-X-Request-Uuid: 0f5f68b4-bbe2-4b6d-a47f-096199eed096
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6349 0
857 B 15ms
14ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:45 GMT
AN-X-Request-Uuid: 3e71aeaf-7505-4b29-884e-fd0014ccd82a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame A6A2 98 KB
98 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:01:39 GMT
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:16:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame A6A2 57 KB
57 KB 13ms
7ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:52:59 GMT
x-content-type-options: nosniff
age: 646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:07:59 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AFB4 0
857 B 20ms
14ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
AN-X-Request-Uuid: 7ab5c3eb-67de-49ee-b659-6b9d7eb9fbc7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 5632 98 KB
98 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:01:39 GMT
x-content-type-options: nosniff
age: 126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:16:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 5632 57 KB
57 KB 11ms
9ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:52:59 GMT
x-content-type-options: nosniff
age: 646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:07:59 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B420 0
857 B 19ms
17ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
AN-X-Request-Uuid: 4e2d535a-f1bd-4113-b470-0a733dd27e45
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 6003 50 KB
51 KB 11ms
10ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 808B 0
857 B 14ms
13ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
AN-X-Request-Uuid: fec40cd1-a616-48f6-8ad7-843b0c7ef56a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
st.pubmatic.com/ Frame BA5B 0
49 B 21ms
19ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367024&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 i
vid-io-sin.springserve.com/vd/ Frame BA5B 43 B
206 B 643ms
208ms Image
image/gif 18.138.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-sin.springserve.com/vd/i?suuid=d1761447&ps_id=356921&event=js_opportunity&time_on_page=3&num_bq_pt=1&num_dt_pt=1&timestamp=1687367026034&ip=146.20.129.46&_disyn=1&ssid=3251c2f9-f664-43fa-b48f-51488a39c096.1687367022781&uuid=d1761447-5e57-435d-b13f-580349fb1965&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1626457
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.182.210 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-182-210.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame BA5B 43 B
206 B 535ms
168ms Image
image/gif 35.160.227.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=d1761447&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=174&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1687367026034&ip=146.20.129.46&_disyn=1&ssid=3251c2f9-f664-43fa-b48f-51488a39c096.1687367022781&uuid=d1761447-5e57-435d-b13f-580349fb1965&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4857431
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.227.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-227-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame BA5B 43 B
205 B 316ms
100ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=d1761447&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1687367026034&ip=146.20.129.46&_disyn=1&ssid=3251c2f9-f664-43fa-b48f-51488a39c096.1687367022781&uuid=d1761447-5e57-435d-b13f-580349fb1965&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9660546
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame BA5B 43 B
205 B 320ms
105ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=d1761447&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=1869&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1687367026034&ip=146.20.129.46&_disyn=1&ssid=3251c2f9-f664-43fa-b48f-51488a39c096.1687367022781&uuid=d1761447-5e57-435d-b13f-580349fb1965&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8808272
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame BA5B 43 B
206 B 315ms
99ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=d1761447&ps_id=356921&event=js_supply_error&time_on_page=2045&reason=NO_FILL&timeout=false&timestamp=1687367026034&ip=146.20.129.46&_disyn=1&ssid=3251c2f9-f664-43fa-b48f-51488a39c096.1687367022781&uuid=d1761447-5e57-435d-b13f-580349fb1965&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6907694
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:46 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame D278 15 KB
2 KB 23ms
22ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2269
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:46 GMT
expires: Thu, 20 Jun 2024 17:03:46 GMT
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9D7 0
0 52ms
51ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj1zH4b088g8CmChYemuBn0CTUoXnEfOQkHH8GCuDzvFyDSAhwdRKoff5DM7vKRazK2NRlLgR_g3KZjaG_DEtBoj_qC0GRHEPOiDHhBfgoo28AdLJwrH12Z5HNZqctkdJC30EhnCPdT2b85li2H-7cqi6R0qP87vN1-Kaha5thLo_LCCQdSBBJrCzigk7BMCLy00Rhoytf-j4rUkZsAyovSQ7TtKr1WUUJE4BCE3K7ZOkZLUqIJuLfoc4rdZCAJ7idijnZYcG-kaOSuxOYqsn_L9MnZDvGw_x35wQJ113rsyfpzhPRhmOwNe0pER0m2xHzFpEL47ZPSFQdtL-Vime31OEqqG6y4p_Ul-OSMeZUmGNJGO90wjf-tKFy4IaBagmfKP13WQfpQSnj5OVECvy3QAs1-xQT_pPqwn9bIaFawGzym5TbK9HdF7CtPv0iRpyPacxKzauG5I61jJKpIDeaBC36ElCZa_l288BVQqufDlnO4qEV3hIg6eJtzb9TqnOJaNHSTryc3AWkxfUWRoDKF9e4_RmNYWMMOs4CCJsDt6e4rgE03fUOVd4GKqdk2Pvfz6YgsOOZD-HeHVSrCr1CPb0Bf_lgci_rHJLe5tUDTa7rEtVV-2CMgRi6d_t6Vm1O88b3jNQJDxiycCKR32wkjJLlC-MmqK9UkwSNSEuVENi7UA8u4Gpytp63ByUM38ApICWWDXcfEpPySWymRJJ9ZTuCkgkvdoPcxXP0KPT_m1UVpLg-JyVUekZCU7hkZCnC4HsMfpKp3Hkm4N-OQPEInR0EJGPAIJWf7h43m05IzCaao4xmrbCOrfCn96ksfuhP3mj9_X0f7qG1SNwDYvQBa-rew7MMK0aC5HAWfKQrfd9GBrLqEng1GucUJziTypCVHB0jFLpvZCZtHoV8cZvr5kntBNR1fgV-ub0vSobQqf6SOPuIqfyF9xa2o-2GQKmxYS_K9y4ycaMMW4nASmsID7S9AEwtsvq-Wn5HJ8fGt7W_HKf6646VSbMQyNphgdAzEnO5vjAvxuT9BCYQ52hYm_7LXqyH3lKdAu9yMj6iAazbvpS91DbkB1x-hKMimV3WMR1G8gDyE0_HJVJb179waT5VS2I84s-O0AfMEFn839zXo5U5-1c-mZRle42eapy4Ua5B8Ioof37tYgNJbZrj4pFwCQgTYxM3gHfVVcjC9TzEqMEUjazrB5niO-tMN4D4rBn93ehOt36yDlMPpYrkD5RS4lL96OSOuecn2u4q387UqobHBubqyMJvw2LAcf6tg2MlL4PQimE62nmLH_Dfuk3X1giFWf5r_hL1168TzOrghJ5-zSLgFkPh3IH71cMnJVQTCODrWU3p8wTzbUPl7520Cnnel99boAdtMV200WLIo24iYgY2Wkrpw3AW80WulWlb6TFMChothUw4L8ABXNnaCFI6qrwB2gk925OgUd408_38Bp67cgkc5-0&sai=AMfl-YTh8aFoH89-BdZMRsSjmm7zm8FSxzgar8VZtq94xb9TKW5oQsWkt1f6C_Qqi63mKSEXLv9MfaQ69UJuT18_TbkdEN883NMr6LhSCKr3DfyNvKn4KTfmXQa5fny7-XOBmhHEqj8krLZK9mU2PaZXAs94IUEbhwXJ31YI4cOBkFQ_XQI-CdG_U0EUYwXKXD1kA_veqz_eH67tXjx2wWx9PBtP8EWvF7W7H8VZy9WFkJWhSkTnk6FSo4YlEz5O4gkHW1jT&sig=Cg0ArKJSzEufjay-fTgoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=338&cisv=r20230615.50058&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:03:46 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5486 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 0A4A 43 B
422 B 332ms
329ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESELXZVmsRu4mj52D_ui3BVVc&google_cver=1&google_push=ATf1kGPsk_jhssr9mGbV-ddhHn4aCWIFy7px5aWRWzcGTfiQ9uE6DUhy0l1CQL1vLpZFUAPHgmO4Vz822s1agHKFA_7yphnbyZ_g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPsk_jhssr9mGbV-ddhHn4aCWIFy7px5aWRWzcGTfiQ9uE6DUhy0l1CQL1vLpZFUAPHgmO4Vz822s1agHKFA_7yphnbyZ_g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dadd3a9ae249b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A4A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMb1NcJIYREwfFoYEmulgvQ&google_cver=1&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOAaVsbXZZqCBRs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOA...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOAaVsbXZZqCBRs

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D591207245924888BE3C3131620A3141&google_push=ATf1kGPOG5GsdmcGYmNgn5j1WcqPpNpHIJsMd3ksI-QwJ_8rbRoqU724ROn-2TotJ3A6hb7WjuvMUWawVvKaAOAaVsbXZZqCBRs
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 20 Jun 2023 17:03:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A4A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBqpnT9kdfGp_VghZQkqYF8&google_cver=1&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge12...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge1248Ez...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge1248EzxQNCdjxtbwmw

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzE4NjE4NDQzOTc4OTcxNA%3D%3D&google_push=ATf1kGMHTL27M1ztyR65e0AI06G-wZyeIAf9EdBhOGwWlkS9ougHLBDvzfB4m1knI0EylqS5e4hUrhrLG9Ge1248EzxQNCdjxtbwmw
Date: Wed, 21 Jun 2023 17:03:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 0A4A 43 B
362 B 19ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEO-Hd48ppjBhZ8X2UhOE6Ps&google_cver=1&google_push=ATf1kGNHouXmkl5kLf5ZYjW113uEaJm_RtY6rgq8U9Bl_gnXt9a6_YMXBeFBzTFvvO_LKzvIdJotLn434-13EAUo1j2TMN6BhWLi

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 201114
expires: Wed, 21 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A4A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHMxPNoYChs4YykgtniO9w&google_cver=1&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDWpCVAO8CMAC7Qu9_YrWuSXKN9KZw

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDWpCVAO8CMAC7Qu9_YrWuSXKN9KZw

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEo1WVJBMU0tMUUtM1BWVA==&google_push=ATf1kGPAQ56QcxqwjUwEPEzxa8enM5isbz8asOcMqZ-ZnRjnlZsDBmr_pld33wUf3rIrNeDwzDWpCVAO8CMAC7Qu9_YrWuSXKN9KZw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0A4A 0
500 B 282ms
95ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGM27dWKWkdLX8Xb75Z3ilGZvKhUDHbxZphBHlzSOoFbHAUylOCt-X5IOEzrN6AKEUVlTZBE_kJnUsFC01Ko13WuzIzqXyhgeg%26google_hm%3D%5BUID%5D&google_gid=CAESEOOvXDibeQQEzjm4o_d4Yl8&google_cver=1

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:46 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-198
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A4A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJSglx82KMpXnxf6iUzMhWA&google_cver=1&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-f...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-fNNLczBGp0Vx1HA

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-fNNLczBGp0Vx1HA

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 17:03:46 GMT
via: 1.1 dc18e61b7558d5d9f4d1852820b02a16.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG50-P4
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGPC3cpTPqP244cyb9lR3u0IZehoiMCS_hYpiaj_dp1AxmXZz2RnoyMgPWtl0nubRRfWlbDJgZyUQ_Vgfq-fNNLczBGp0Vx1HA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UNo8xAduX49sRnOtBs9dKgNI1FUZtzEigDn6Sm5fRxm1E-tzSfj3CA==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0A4A 0
12 B 17ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KoQECT5Rjn8mcxiZym-1y53EuxSLRnB0_9fw8wrHYEkX5EIJauec7cVO7EMwtHJuJH0zAP

Requested by

Host: 0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
URL: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EA9 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3851251006634&version=m202301230201&ct=76&x=1&cor=7374407698534579000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/5358810056708269933/ Frame D278 8 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343453
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2325
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:39:33 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D278 118 KB
40 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/5358810056708269933/ Frame D278 20 KB
5 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18424
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 11:56:42 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 58A2 50 KB
51 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 58A2 89 KB
89 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 16A1 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CBC0 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0239 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53F8 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSTwtbi2TZK6tFeGRjuwPpM2U8AIAAAAAOAHgBAI&bg=!ISKlInbNAAaGYqkwpmI7ADkAdvg8WkiSo2Jn3Ur95BkM8nZqwQWl3SJIs5BcRchnO8YAQxIR_mKIh0WcWIW_cUBk4muDbpr15bACAAAFxlIAAAAEaAEHmQM8_GVUhsXwCMatLY-gC4xFr9mVCHB5S6dGVThPMB7_xVWOJGqRsWiAegRS2jrNQCwx7Xks6Meg_rOz9jTZNWC9eYtGzjBa8g7aSNpzwsuUdDZn8r5onKEfJdN6FGVGiCD4WxkQWrVSTq8fxLh5sb_5jEov34qCET9iGRYr0GaqLug50gtfL1r8HVk0rsoGQRDA5Fddvj0MEDh_01JAvsf3tHNePDU-A_WbQtFStU8ExToT8Dy37ptKC1WWNuYFLnnUpB1vOwwKL26_6xwdGGWoYAKYMzHjts8LMeuim0L6Zax7tTK9U_zs_Ozw6dJw9j5B_hg486zw9RRJwqC_x0c1HoqSTRQShcIsbI9v01ai4efAG8N3nKFrLuQjr78bneeUjly9FMvC8Y7xj8KQ4bZBbeJgYQsdb1_OXH04dLWZhgkD441CgRyqV_5j_LzD0yogZZa6-YMhRhixzQOFjtp4HKeGoMfRc29ZM0j0RUo3sllseCDATEbo6M34-sjfb2OfAbsQ4LC21Nl2phES4yIiE1rIg-6pRKoASoSVZF6QYDjFgMho-VAJ18MI92X6u0kfK2AMsU7pj67Jw2osq11qNLTv-RtptYQL8rMTYJlG6GzTneg_r0fiMC_Fx6ErkJIRVNqK5to-KDjLm7C30SGm3rS9xu8iRNv8Fxk8BlnRIE3yyOz1dB4nyKskmddll28k_fCcdR8Dt-WEfBTD0aoOdACfDcNVbPwHZb_q_4NM3J99yd-SouEiC71LzIdJ6VtwyHgM_B4u9bZkfY_F56uIsrBI2N3YUiwzKvXqK433DSHZNvuX-Bsr2HVLVNQfOSdUSBYLE7q35DjRNxHraJOYx882EAFSQQg6INxqt6IfCa7yVrDwtoSMkj3EmEh4NsWEMRr5dK1csdjAcm0gWiPi2WAc-xeqI2XumZ8ld0e5zeK9MDjHx2yS_PeJAMWWZ0xJahD5DHqGa_eCt9cYvsocZ3GcvJ1CDGqe2II6DgajA6ESwT75MsYI7HToVd-1mimZzhlj2V1jA5awK1a-3Cp-xuNy6hAza9L0WOTYhUTWXLBVXDMdCByBnwKTbJn8nY135rChjhVfUFLu8R8w

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9E 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=220885799814&version=m202301230201&ct=76&x=1&cor=6877162342574948000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4B6 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9686073701928&version=m202301230201&ct=76&x=1&cor=636309029302438300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame A6A2 50 KB
51 KB 8ms
7ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame A6A2 89 KB
89 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 5632 50 KB
51 KB 9ms
9ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 5632 89 KB
89 KB 10ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DF5 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG0g7bi2TZNm3PIne3wOIsqOoCgAAAAA4AeAEAg&bg=!LyylLHjNAAaGYqkwpmI7ADkAdvg8WlbMBT-yQRuhCPTVwvEvhfUmdEu9Bk7Ctz0IjPjCKqeaxy2_HEG8QpV30Fv1qJitmLFM13ECAAAFV1IAAAADaAEHmQM9BYGcTqZ7kT5SVAJtgLKpuiGxr5fCIuOsl-o9q_w_KJGOgPOLFbV0Z5jA4jMzLHevQ68mUvt3WCtUGSUIPijMkf0s7VXi5w73GjHIS7SXtO7k09IwPcn9hrqkbWXI41L9bZq-aQcYW_GE9AAlkaL9bYBMTFUL82aOr3dX8zytDAeavlYOBJSINIFaYfUI4kHcbMT69OrPBpnenxyqdgg6AeP9phlXDfI256kx5FIE1rlB2ixbcdhUmuRLftW7YbnH4sW_T_ofzy2GFShnAdj7jIzkXt3Mke20W7jUh3lJOHFEQZRqTWDp-2Sdg0hW3ewc3NQo9Xc9mQhTcCEe5Ek9_uvLPyW2DX4mvRx5e5JqvsypMrEQNn08ghHdXA4VhR1nxoq1iKhV9hdFgLjAclNxLlcqc0I2VcgrfM3yUAn0-_dTSE5MYuOZn_CSnMjFVKA9KNTkodmplLxedGEKNuQLzNVXAmF6VpMzj6HIaEk91DHvZLgYpDKiveo0w2iWK--PGP--0dlrPOH9LWtiaterdtXMutwlmlpDx5iZoYkQvDQgNIAIxVLe37qYAlvhG9hWw2hXJEiNvEwDbye_2dI-rbqDbK2alsoqk0NBqp5CV3esGAWacaYWEJyYyrBPJiist5v3Ej00I8odhMTVTXdclC9QHabdyHvWU17RwnYsvO0I9agSPSF2G_9RUiuJHBXMK8XlyxWaf-dpbEvuBvkjuyZqklpvqJ58u6Swt5z7GDZ0jRyKjCMAxSHN5-aLyz5syccnwuol39UdfyMYPdqFJGIcXPWr4FG1XB_p58r-s4uyYx0wTN8qf_rK4j5tVB503oCBoHQOPSriv6ZxZ5V3H88k5181kHoW21zaByALi_r0iBBd8wdi1C5ivIqNCQsyu-bep7j8cMwNCDYPDrNiVKj7_9QshBsT7cAEBt7UCoqbhUw_vjux4-w7pb-DhubUj9j4oma2AnAZRSQO_MIe8biLP7BdqK84sXvuoEJk1_ds8FRLFCWeYDzGEsO0V77SLG51DNHFmvGI_nz5WI4TrOGOPSoLpZ69nZNWjc63u2RhaWuhp3Tid5EM4ZqTKY7zFs2yYlQHhCiM6yY--g

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C280 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B21c5bi2TZMrTPMK-gAeZg7hQAAAAADgB4AQC&bg=!JySlJHDNAAaGYqkwpmI7ADkAdvg8WsHqvetYYf6o_QsSUrFKrGtYRk9ycAwC89nPRyCCpLc0eHjaq91eJAT5MbTz7p5EQR7A0p8CAAAFVFIAAAACaAEHmQM4GcD5SaVUfhLRwei6N8NNUlEbj76IcBtdzXE6ZZGc9KpBgmx8cv1faUMNesTAwU_4twWW_6n_cUJ_vyXgTi1dKEgso7U1kS7w1Z6xMWnKweRE3DF9WPPwTP-M6Bs3ohAgQeB025fwTlCFawXvJP_B-6q8r82BFU5CoJTultL6F73kA10qrAjWb-_9elgG3PhEDDXleji8JTFvmNWpi-blAG25It9eYtZQrVYb58PULTeTwDW2XvlBTtxGC08_JmloTARCl4bJqQzoaU1rEuWyJXHg0of4Z73mWjRPWcj72Q09uZnr0mFgWNfQXTZxnyREtJgVZceirsqgPP_EQy228mG9oqkgnDgDRxsDvQxKI4kCBQHIGgwEK5d4dJxAcEM-nuDiB_lrk3GeLGVHvXQcgWBmwc9OzH4-jSce70UKioCwKiCfOSc2A58T47Y0O1Yg6QPgXwXSrkkVLBwStdyY11IOFe-ao6RTW1FgB-oPYCUVF4COv97OyJdAvParipVum2qnTRyvFcqWi19FZhRrz-yvpaEBWBhkFSyXUi7hfCLdPczLqI3KdgXqP_KidfoLb8OnDq4LKHDC3DwfdhA26yaoeDSX3xwS4Y4JEx6wd2c8x0n-hwG1ToxX9QjJ4gs633oaVKocVPbckcXgUi34fIHjMHIOpKY-l3p3Ih38pLidcyhjgZzrbqij2i18s2SZUYR5crg-roOJayoPp-8am7wo1DIApSqZ3DOkamqKlCYwDjhFBsvmLPbKMo7_zMizCJz5_eGffy0EgBzv4L_-R1u2kjXZfZMiHL-QnJrm-nDiBPAjCXyDXOmv_o0jP7DBZhrr9Y2m4OVtzK2aryY4g0N4oiJoQfpa65nc78ynsDdAnp6nbIitJJRHydftDNpjFKGdLDwlMDkco_puWdzvMX2qNG9gzaJYMqY60PirVWkO42CeAkmAujqDOBbS-5afIVwFgWEYgK1PHSeTwKk3mn9UdmP-gEhprQfHMJoGnSrXXIUg3Jf82jGLfKrkPS2g10P4p3NI_kA4w3dgDTz9f_IQ4HXQiJ7nXdUoUZnRXLd3dAGZijsbiV70_c6R7n0KjuN39j_geCc

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 58A2 50 KB
51 KB 7ms
7ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1666 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ3hzbi2TZMirJOyk9u8Pq7yv8A8AAAAAOAHgBAI&bg=!HR6lHkrNAAaGYqkwpmI7ADkAdvg8WuTsSTitLqfTBslTZwLOm4MBfxmc5z5w3yfKv_adSv8jePV6cVwvRhIY5ldfHpp-FT1fnuQCAAAFs1IAAAACaAEHmQNLkObHB1kBA5GbxJN2tiK1V0rAjRKQqYs5lhgfk--FFa4FOOCK6cosZ4TILTy8rDpzcE_3JCjpN1FuqGKlwlz7qsBFJC9A3uWtHmg4DEWKMKXXHw96jxCdpWlyzq5IISK5GchEYKcpq0V0emmmPrqM13rko-Wr883bkUvBbvXXixV_yMc0YAHmrL9K6KCZzKN30ClGwgKyHLEESGbtyITr8IwPgUCGhZwsqlRlRUUNK3qPlWv3LY3meH9H0sE19bnNxpBRT5o30SbueXMT1ztplvuwLgA_WrhrzRw-dnJvaaAOAkFaI8UegSuZ4AwX5bOV4k96_xgY3-NI3FvgABHeolpHWRinG6-umiMdl3bFTHDbX4anPVQEvDAWwqd3n-ECTmeT344shJGbxKIQeFJiGH8T77G2-u3V9VdU9fM7n1SJAjHE0MihVJPwfi1FTJi-jQlHwlv0J3F-61u9Y0L67gbfgtYQP2LUL0_SYr-PzlxssbHPjxR17Etzj5GhHaQDb8a9kmGw1N11w0r_IdMl3ISwP3QjNJK40IvLrA-9Y_PICNYiSUiDhRHmfPaBvHGVEgNYmA4xJqGoM5vj8es2C_Rk_hsjaJ6AT0TtSSKbYUh2h5qn_R2wJMBEyZEsQUopkiBju2v9QBt3UWBaYvpO4vKcVknARpTR9wjBdpu646--zjrEa7QngUQw99M0aC7lQSFzgpx9iqWn5cTIW8BN2nt92Mptk29_W2DHh3Pjtnj9BuEnIYly9i29YILMOnSfCB-EohfdUEpceuXj_QwkktqjvfQLCSKVlG1zqTA_QOyp4cFMU1kD7iLHhRrfBbd7ZXE6Y5fx7Cws32x9hAjxDOp8PAYVnFrblBLBoKqVXQ5gm-U9iweBIHydbBhcCxhlCci_DHTo1ba7dxJImwWK9q0w3d-q3fq-WuYY2MCYA_7DILM4HK93U9F7PPE0VkxHQlm_J4VOvtr2Xi8EQlL_zpRD4T1rv_3kVg1nl65pIZctQwQERBvYvWsGrFlIf6SITVS8iOR5xoXYT9_Q4B488cr7I56Lz7CMwy-XpKz88-rJUSIAe9XoTGZokf58wzZzNCllozEo-4XueBxwXbWA5TsOk7TNgXbVH0dD

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5886 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC_iNbi2TZLDeO9SjrAT7oZGoBgAAAAA4AeAEAg&bg=!gIOlg9fNAAaGYqkwpmI7ADkAdvg8Wu6PXclw4eHWx5sskopKbCJ_vhXEBQiQ9CVjcDkEYHEaClbHlkbGwi39C-bklHCQkj304kUCAAAFulIAAAACaAEHCgAmNbYm94FNGVFYwK9VqsU7mr74uKb4X4_cG6bAHj_wctP3npIT5A6ZAzNRfW7PttdmOfP5pWk0UGiA_TQFTNDpmPYH_v8rxcsnhtFVZe3BS9WhEnfov7H048WbKuZrhKF2btaFs6rNrgZaT0PEMxk_2KFfFNPboE02bZ9f0Zykmwe6cluMWW5HR3s7wVrlx-vLw-FpLvKqsiFJg0Dr1d9jo16EGCCfF7dEYqTsyfeDAYzaVUsjmGvVm3IqSPDtyDXJbDjIwDFEGOrd97DHxZSxfusck3x5sYQ3P7LVwNycsrb6oJVYRO5L_y1XFTbTIlKVarv9OsoAeNApvNHYXNfANq-E5tRcNAupF7Qw4jKG8cBeaYVx7u4S_h1Po6yV2ChYRBBb5qZHfbezYSY7vwPw3Y7HDYhL4gpvUUTVUblSgT6SL22SWSLU-AQRs4HTyvm-Ss0KIdTqsxJQsVOsFGOFnY4SElt6W-mddGAO9KH-hIrtxGoMfjDLdQ6bLrjRxu6GL7S5alx2le-KNUcetohKmOwxUDTggEw0Lk0PqKCtc6hcw6V4HYxaO1x5mrRr7LmSh1UWPgRY7fWGdrN2g9ehG9TwEjqaqWpyRuAr0nGfdofkeVDn40s5g_odLmr-o8oSiEXAOwPrSZyielGPVKDrtFLl2xDZm3MzHjBoWBzBxnRCQJXI6Dr_23Olg5-Dml1iizI5JIUGxQi5erwTEJAv7N00RkdO67ouBGp8LL58l7QjcD1YG4TB0zuIgaSr9XJ1yqly5I6jxE8z2Zpr1JXKoOZXWWWNR5G9aqlskrAO7AhyI1tiP7H7MBtVpskqjfvZIbonYevwADc1x70-W75t08SddOpeND_-kOGzziyMBsf9p9qGr4aWgzo1Ryp5bzyDxTDCyJ0fxmdiiKpAMb1Ub69neVDDQut2K3Da5HwaInWKMjAIzSjB5ZHhOqI1TDGjY1We3pa1HnkcAACBYTRrfshPwVmtYoz90WsPL6NMoYgcfJsLVa0jwuNKVmLlvoeDc57bZsZzVLhyZphpKuk_48VB62940KlTXAXmF4QSHk4QaHxVIEjpv7eIj8L4ylxYSJyD2YiO5X5QkJEVs-Xgl0UA5ZRdJyrBWx-tNEmmRXci4mgtf2UZv5fWjo4

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame A6A2 50 KB
51 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 5632 50 KB
51 KB 12ms
11ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 0
20 B 45ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=701814311581&version=m202301230201&ct=77&x=1&cor=11001661722504872000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C65C 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7659768160298&version=m202301230201&ct=77&x=1&cor=6119218896691053000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2268345881629&version=m202301230201&ct=77&x=1&cor=9179555485740904000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ABD 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5481996067979&version=m202301230201&ct=77&x=1&cor=1980630504628841200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A8E 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl21Fby2TZK5kgebuA4WtiMgBAAAAADgB4AQC&bg=!jY6ljtrNAAaGYqkwpmI7ADkAdvg8WqOY-8OVLG2GR9QbTTq5Jx9xrCFoAXG9tLenQ9zi13dp2ubH26RMmaghoH2t2Uxky3SS2L4CAAAFn1IAAAACaAEHmQM5Ve54ptC_eFDjvkxKYdK87qGYIm556gM4raTMNCVR5U63u_Cw19k7GP88kBJ765wvrQsJgjme36EZxGq_ZhKJ0S6jE9lRTjDunFf-pAXF3V7CIJ250XaULpDvs5mwv3fhgETSyVGfmhzoI2IMoOL3aLFGGcVx_e6d9p_x0msid3-R5H20d9LVrqoqlArLS2WHjRR1bSpCrKnaOxwLmfVNgczi4s8qD023viGCzMGPGgkHrAYFuRsEBUQQ3mHj4JWmpEgPTk9Bp2uJZL-D53Ok_SoNvfkruguWU1gGTkC0gkjEzLo2xL7cYqk7yQKNtzrzRJX_3Ok_4dzAnBwYvTcn4ttJEYnm6cvefwwEwbv0-BoWY3wxcJWp5tO17xsEyqAd7xmVKoBwh2iBOfglpCm5kblM1RQnBYuwV-HjO3tdHkHU219eKTy-IiNPlAUJZwwrDSr3zs1ISegG55V5FmnC-hdcJfAjq49K6fj1vdLP1tXZ89iSIHZMgbgAx8DYjF4j_mpFsIxGZZTYEJ5Ga7eWOkVkOeBRFxWRr1m6nfZSd0d8ZuLS114J4mCuqsMJrRdahuvJ4QRVuf1f4AML4NTK4bSBoZMSeVRltGCkU2g5N_aPgNUXXB2Tb9e-yNJFj4NnIAoBuVAzrwDw0joEh2DK0c98srFLpS4hfocBWBeJJWzdgxiPN6MnBup6LUbjAZtU88J1g3waq6Po3IIssirvgHEPn2JXRtlsZHcGfwbNeKsbnaohSIuDQxqEgqy-Ox5eSvayVV6Dmkrb4JkmOGWcwHDWf-6gQj6uYIa-8_MymQ28AjD1_BLhSGbdINECmr54uDgthEeIg2qS3sBtACOQ9CCY8JOZiCL5Gou7hedDDNY-Wf1YxlKW2eutkI8u2WhrulHdjNnb_aCb1TxpJQ92AHQstjXTE9WtZngvKn4wyFpIjXS8xVVzim_X652CqPCu3zOz01Gpn-08JtYmxBoBfNKSxqyv6K7K9v5DfTcp4mxUmp1wO0U6FROnptJMUeNMurPDxBU1qRNkeRGHwV2y4pjVD9FxowGHVdasOnIZIs4ADiptfj5LhHL9-dtcs90qBzAIy-tp8BR4

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 123ms
123ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1687367026699&cb=0.15957979188885196&aa=horizontal

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7dadd3acea1e9128-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5358810056708269933/ Frame D278 3 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5358810056708269933/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 16:32:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 17:20:33 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame CBC0 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9D7 0
0 46ms
46ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj1zH4b088g8CmChYemuBn0CTUoXnEfOQkHH8GCuDzvFyDSAhwdRKoff5DM7vKRazK2NRlLgR_g3KZjaG_DEtBoj_qC0GRHEPOiDHhBfgoo28AdLJwrH12Z5HNZqctkdJC30EhnCPdT2b85li2H-7cqi6R0qP87vN1-Kaha5thLo_LCCQdSBBJrCzigk7BMCLy00Rhoytf-j4rUkZsAyovSQ7TtKr1WUUJE4BCE3K7ZOkZLUqIJuLfoc4rdZCAJ7idijnZYcG-kaOSuxOYqsn_L9MnZDvGw_x35wQJ113rsyfpzhPRhmOwNe0pER0m2xHzFpEL47ZPSFQdtL-Vime31OEqqG6y4p_Ul-OSMeZUmGNJGO90wjf-tKFy4IaBagmfKP13WQfpQSnj5OVECvy3QAs1-xQT_pPqwn9bIaFawGzym5TbK9HdF7CtPv0iRpyPacxKzauG5I61jJKpIDeaBC36ElCZa_l288BVQqufDlnO4qEV3hIg6eJtzb9TqnOJaNHSTryc3AWkxfUWRoDKF9e4_RmNYWMMOs4CCJsDt6e4rgE03fUOVd4GKqdk2Pvfz6YgsOOZD-HeHVSrCr1CPb0Bf_lgci_rHJLe5tUDTa7rEtVV-2CMgRi6d_t6Vm1O88b3jNQJDxiycCKR32wkjJLlC-MmqK9UkwSNSEuVENi7UA8u4Gpytp63ByUM38ApICWWDXcfEpPySWymRJJ9ZTuCkgkvdoPcxXP0KPT_m1UVpLg-JyVUekZCU7hkZCnC4HsMfpKp3Hkm4N-OQPEInR0EJGPAIJWf7h43m05IzCaao4xmrbCOrfCn96ksfuhP3mj9_X0f7qG1SNwDYvQBa-rew7MMK0aC5HAWfKQrfd9GBrLqEng1GucUJziTypCVHB0jFLpvZCZtHoV8cZvr5kntBNR1fgV-ub0vSobQqf6SOPuIqfyF9xa2o-2GQKmxYS_K9y4ycaMMW4nASmsID7S9AEwtsvq-Wn5HJ8fGt7W_HKf6646VSbMQyNphgdAzEnO5vjAvxuT9BCYQ52hYm_7LXqyH3lKdAu9yMj6iAazbvpS91DbkB1x-hKMimV3WMR1G8gDyE0_HJVJb179waT5VS2I84s-O0AfMEFn839zXo5U5-1c-mZRle42eapy4Ua5B8Ioof37tYgNJbZrj4pFwCQgTYxM3gHfVVcjC9TzEqMEUjazrB5niO-tMN4D4rBn93ehOt36yDlMPpYrkD5RS4lL96OSOuecn2u4q387UqobHBubqyMJvw2LAcf6tg2MlL4PQimE62nmLH_Dfuk3X1giFWf5r_hL1168TzOrghJ5-zSLgFkPh3IH71cMnJVQTCODrWU3p8wTzbUPl7520Cnnel99boAdtMV200WLIo24iYgY2Wkrpw3AW80WulWlb6TFMChothUw4L8ABXNnaCFI6qrwB2gk925OgUd408_38Bp67cgkc5-0&sai=AMfl-YTh8aFoH89-BdZMRsSjmm7zm8FSxzgar8VZtq94xb9TKW5oQsWkt1f6C_Qqi63mKSEXLv9MfaQ69UJuT18_TbkdEN883NMr6LhSCKr3DfyNvKn4KTfmXQa5fny7-XOBmhHEqj8krLZK9mU2PaZXAs94IUEbhwXJ31YI4cOBkFQ_XQI-CdG_U0EUYwXKXD1kA_veqz_eH67tXjx2wWx9PBtP8EWvF7W7H8VZy9WFkJWhSkTnk6FSo4YlEz5O4gkHW1jT&sig=Cg0ArKJSzEufjay-fTgoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1033&vt=11&dtpt=688&dett=3&cstd=338&cisv=r20230615.50058&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 17:03:46 GMT

GET
DATA 200
OK truncated
/ Frame DACB 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_3bc8d9fc.js Show response
vpaid.springserve.com/production/ Frame 4249 521 KB
91 KB 8ms
8ms Script
application/javascript 2600:9000:206f:e800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:49:54 GMT
content-encoding: br
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 22:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1214032
etag: W/"a29292a78266a1cc6eb74cbf0c848fb0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: utZzL_MdJnvgDMs7nkt-XjBUEzWLVkyKYxqwgO7fmfb52_-WZjBLIg==

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame D278 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D278 7 KB
6 KB 53ms
52ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5724c31fc9384c8062a6d8f9fb3bcab2e9e09beb0c67b4b23ac3231d0799ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5688
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3543 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5Cxfby2TZPLHB4bD9u8PwJebSAAAAAA4AeAEAg&bg=!19Sl1IDNAAaGYqkwpmI7ADkAdvg8Wj9vWHGCvCpDB63g7Eyfojral5XQ3RonMTDjAMQXp5ItCli9RUJLymDrFHJiEv3HdotbtN8CAAAE21IAAAADaAEHmQM5c-aYsyrfjf9t4HickR4Sx4769bQpXe3kEvb8uFoeB34qTO8sUpkp8ZTaoNzNC0KTEYIF8Uk-jXdcPRnHzC-lVJ4ElLAjkM30e7OBL-m4mn0s2FomQ46yMBmd6z6MFQ5otvmlKZEDXb_9k1T7XbULwbyRxGcBQSNhe2i7XnGudJdlDZmRfE60zQ8m4dvcArwhmX9ks4DZQp6Sz5O2lz6TUYx7A9NRf39N9MR6_s1wgUnG2VXoznoGBv9D8xQ5FM26fjAFoINRnMY9Bh23aNJ2rAxA0psK85-yJmh3_p8zwbWAM7-zLabAgXYzLo7l4WVrltDlkxPVUpT3Q1XoNvDWpkGHHTKA7VNeMjpt1lfl8m2JLzlnqW_6eNSWAuVu3sv5uKS4M7eKDmv07dR1VvSLxZWS2Zbv0fDXWiomhm3Po1wfAsBwAlQ18kdT6_7K05nxZjevZQKpyB6-faJoQfTkXqObMtZRWfOPF1jT48D4abVmBarIlW4bEceGtHEk-zohiT5HmNLWlHNM7XU3QYOC8kPUA5yZfMcSYAACKfPJOgD9swAuj9vyxi6q8LfuJofLiYDfUC7TTCXiG1GAZCNzMbKgi36Y04yz7Bj4zZi50fxMC7FUNIZqVuUU-w7RkuiCGcn5mBP_-IxxLCUX3HeaEUv96G-fugcLN2ZX9uy4AE2rqZEjiO9nkEqh38P7xkvVmxw3v8JeA18YsUO72ftk7KyLyR9rDilGd07eJxuV-FPy7u1GD7Em0x5HeFIpurrJ5I3N2JWtYanjjOX9ymln3d36KFvjYAFDgQt4pZo4FVeYbhByoWo64s1yKKzZZfd9BJ-qJr2cuVA4qiAx_HdMznPOpvF_dYywxBGgQfO1DA6HiX_ElmzO8u-7L-WBALLiLsSvPL2M4JOXWu1mKzKnEch9YFGPQHV5PuVSDtC2h6CehJnkLgN8pnVPKNA_EemCMWA6ArL9aufsZpVY1-tcJASy1ycwmQKSPcuYKIKIIFZ0gW6Qy5YzjCTx9NAXmVWUoJxucN7dVVDNGLhw2RBkKPx-LKn_a22Q-248047LvZ3xjKJLCbzo4Dj6k2IiWeCs4GyapBwp8ui7

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5052 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU7KKby2TZIzBDeyk9u8Pq7yv8A8AAAAAOAHgBAI&bg=!p6SlpPDNAAaGYqkwpmI7ADkAdvg8Wl7Bu4T2ujBiURIPHGh9swfnGQ_8D1zqCu4669QaWgUzJ965auQkG5AZPvTYQOV0pDJkrGECAAAEQ1IAAAADaAEHmQMuJK6xGqXCXTbNneV4KChJoxWun7-p20WBfoMXiX203Vtqh2uzqdm25HLQQO_7oru95ZfZVY26tPBP8eb-UBoadeRyS8soSUwweXa_lkRGWPenR34BBtijOF8klnT3SWZoxcJdOj5KmMj2UvYSsK0tBv_gn2MrPxGhDAESP5_wb3S2iSKib-wW4kqSFBlRvm7THZeWZCAwce1ADpEE0KAxYdVLkFghXN1jO9GWh4u7zy2VdD-nktARLhKLsVqQdzzGx4DPeb4fBT8DMBEK1FZyylNdcariDXHPcoAFbCutJFUlcsMKMmp8yPlsOPg0tZMlgfXdncIELMoSDzYBurOvOLnnJoL3XdNrvcZPwsDSAA_92eZ3F97Uoxc4o6Vh-uXPlp_Naod6kEP091TLGk2tbRenMDeZBY27kqNMZ1s9lX6e1Ema-mxFjin1vPCAkbUUGSx4nYClvIcnUEGmi3OGx6l5P84DA8mtB2eXWAJj6_a3t0bEhjkrtO7m-f7_DtBI7854rVEUo2UHlNtg8NtukkNvP_2z6orDMCZ29j7o9MNyTrUDmnJLSg2EUcFIHMV-bsDk1PWP7b2o9RTwr8mmeZh9VMZOsLHFJG5LAcIsKcaBsHSpFmKhBt2POvVuzxZwzek3MYETcMuJyCw3A5SLs0M_A-A60geyeo5ng1DLYR4_34ST6zU-uyUetaa1ls_8YBwyIp9wL7OA1w3_fzx667KVyuvYirYoUug9pxlCPKcPx5C0b1cG228FlATqiWUegXDIGVl456CRspTwZmOYhyGYLEfiJVQ5cl4jNf_ZjF81C0MGUbuVdwQj9uiQhWqQuy6_JykoeRxvebaEZdjS4h-d-qo3G6a5AS6EO2TjNUDI7LMyFDzS5-a-pQwAbqn66_ShrJhDDkzqj5oGqAJJLs3C6mnBBo6F41SlQWiWlI4WmuV0hw4gWnKE5FH1ObJE_QaRRbxNrFx6TJ4IzvLD82GpPMpQhwhcyxm9CkPjdLMSWwaTOX2Ky6i7iRgxO5Dk2Br9cYzsc6nXiz2Qs3ZUPxW8nRk58jathyW1ST61uqLC9gPSW2fLLXoNYATG2w

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B646 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHSHIby2TZNfHDdaSjuwPzMiA0AoAAAAAOAHgBAI&bg=!2tml2Y3NAAaGYqkwpmI7ADkAdvg8WmMRYqL-00RhWMLSCIjo-oFhP4upJHU94mpY7ACNMh_Nh0DfN_WYi7-F_S0YXXxcw7Eb3MMCAAAEMVIAAAAFaAEHmQM81knu30fd317pN4c3WjOjzWRnWaym5k5gQNl6fTmHVVAmiNFAs5aV4-Zy7K8cJiyKy6yUlc4od7Qw0ozNsniiOQ-A3UQ8hGhJplS30t9g4iuEMmGedLeBIYEnmOrjewrygYLECVDCqJSPUzlB-0a4cjhWOi1OnzxSjpwShvwOT4GL34_KDCWXU1Z99rTsXcc2tRAKUvDe4EmT0oSfpvIsUEDxY00l9zOpmCgfZkvtZMjJmox54g8Fsw5ybiAHTKfM_0R_9ffRmX1uaAf3c0WbzrlPwu0jxzZjhdtFv3ULZYFud4HsTxY0ruWLxjbquLj6BfctCj-fIJmS7hHU7WlB1sCHc06oUyxVFPrAFQj8iX3VhdzhsPCv-r5Y4jyMPuLlYS6hxt-_vIBIQjhL7bBK9KdEtZTaMzKc3JQ94LMb0VZV-pOwiPrqmlDgq7tQRVNSVD7vTt8wHDmMeW3jM9OoOdirp6LZuPEy49YBua1TShSO5q3uWB3mqfUbVsuMODHiwYowckVby-GE78QaZVkB4SX0W-V5kJ5u0_Cvd_ncEIrf-8ddXWAT9WK2k_t4v4qiRQHmiwsjp5eK2ZI8HQviOrSdYn7sY64L2XOtp4FIR_4d83u9xPwREK6JTjgo5WFWYfH-y7jxG0Bjuu9w4c9GmF-o78ZzFmF1jgkIrxwuMFIzNxEONasW0XPpg0hgfbcv_yu7e9UdTroEWENOp4zLPHyDoHKi-oODXyGqgLQK4ttMn5Eg98Zub6jHE-hqOrluDesuB5mXmwVVGwL7tdu5LpxPuSRhjc9or2ODA3bZSbQh7tQl-DPbg00zON7jUYNQbqaCjdLD33PBhOQkMUwSBBP_FI2J_1bYKl0eDqtUq6Um6Y0aedn6oo0klr1q4s-9Gn-YC3KB1ireBlU69Tb8y7z6ouQbELYucC_pBr0VPMQg7CFEEuzzl6j3cemGQCfOu86yEv63tdWHwLS1aRFsK2uDh_b8pFwsLaj_iJHocSHXHzjV8u8dexMFnFqRvEQEo110zBvceZg2ROokF7fy4W1M7czAOcsV5IsmWxp3xnEQ1SBpc54fgCZVb1XWB_atbCZ5tOCZYAb5QG1m

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D278 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:46 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&RedC=c.clarity.ms&MXFR=3F20F1B7C5F06E832784E280C1F06046
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&MUID=1980ED05CA2A69DC0C71FE32CB2A68CA

42 B
443 B

27ms
27ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&MUID=1980ED05CA2A69DC0C71FE32CB2A68CA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 881F09D567204D16B335FC6BED0B3CA4 Ref B: FRAEDGE1719 Ref C: 2023-06-21T17:03:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A07A0B93D45C4BE2A3B1305D2B027C51&MUID=1980ED05CA2A69DC0C71FE32CB2A68CA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230615&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31c78f74821e02758ea1d59bc0e942f847c631cb9e91d6643b1bfdf48851178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11119
x-xss-protection: 0

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ 236 KB
76 KB 112ms
25ms Script
application/javascript 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c906925b8d82d84cb2cfa4adc4caac30c7f7d012419e13641be6d141be94c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 21:16:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 2GV2MPWVZ6PMSJJ2
age: 25376
etag: W/"14615e7516405fbac150b0ce881e46c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDettj0HQ3oeBOqMuDULv9dafmQPJVrgffWTxUFKjGsnvuTU4imARKF4idcGCMal2CE%2B5n6NuDef%2FprdyM5J91RuqmJGxe12ZnpJ1b3srXRq5lXvjugR73gN%2BfxzUr8COujXvIztpz%2BoqeuQnVOZbNS5CLLdKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7dadd3aebaee364b-FRA
x-amz-id-2: rovMGjSaNKeJarKLRMAMchQwwg0wKFeCBuGDrBiOhaAYH2l8Lva2wP7kR32PxJbVlIduC1T6NRw=

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 4249 984 B
851 B 10ms
10ms XHR
application/xml 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8955067cb54ed238c7cb08bd849d3eabc11e01295c00cfb9644143143a89d579

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: gzip
server: Apache
etag: "23da-5f762218eccb9-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 609
expires: Wed, 21 Jun 2023 17:03:46 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
96ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:46 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 98ms
97ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 157ms
140ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=71502133
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame D278 98 KB
98 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:01:39 GMT
x-content-type-options: nosniff
age: 127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:16:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame D278 57 KB
57 KB 9ms
9ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:52:59 GMT
x-content-type-options: nosniff
age: 647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 17:07:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9D7 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5agzGKhBVWahTEm55LLp6__8YBlRe_2_Dl5-DkaIf0-6WNzgEdEEPs2fn8zBPNMoPT5brHvz4Texc3VXj1_QZNBMYIgm0OeyKnitM4-G_1LAR2cfawhxXYyrhoXDadnzo2y31_7wVLK_n&sai=AMfl-YSJ5ryruYHXGdaJTYDk0yYjUZTOM9ICaRhBDkihRKBvnha5bHXEg4uzv9z-bqQahlZ8b1TTI_yq8qsq7NBOlmRBwrXxbDcHWdzRLGMSE2yDFy15RtMpx4SbWh0&sig=Cg0ArKJSzC5vEQEg2d3fEAE&cid=CAQSOwBygQiD0t3ORJh3Rh-EiSSZbnUFiyetoazrPXywQZ0yIaHhLuM1osKi5EJebQG5hzizklDK_EPAi0k9GAE&id=lidar2&mcvt=1033&p=1100,315,1350,1285&mtos=0,0,0,1033,1033&tos=0,0,0,1033,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=0.4&if=1&vu=1&app=0&itpl=20&adk=994353144&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687367024481&rpt=1434&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 404E 159 KB
38 KB 8ms
7ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 17:03:46 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame AFBD 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H2 204 social
am-trc-events.taboola.com/correiodopovo/log/3/ 0
230 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:AM:V&lti=deflated&ri=5baa504d49cd36e5a20168b6c9b81b17&sd=v2_c955b60c2e18fd990e3579ddc6613730_ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec_1687367020_1687367020_CIi3jgYQzeNHGLnhpfeNMSABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABosrWxmb6uzo3eAXAA&ui=ea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec&pi=/&wi=-5703500169402860967&pt=home&vi=1687367020729&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=17%3A03%3A47.007&id=1157&llvl=2&cv=20230620-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame D278 50 KB
51 KB 8ms
7ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame D278 89 KB
89 KB 10ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5D4 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:44:58 GMT
expires: Thu, 20 Jun 2024 13:44:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F69C 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5f2d13db868a6b7494f192452ea87aeab881e5380b0e9f30b17217a2211f5f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VLz8gaSJ10JZEwGDk-2obA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-VLz8gaSJ10JZEwGDk-2obA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 17:03:47 GMT
expires: Wed, 21 Jun 2023 17:03:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 153B 39 KB
14 KB 8ms
7ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109379
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Wed, 21 Jun 2023 17:03:47 GMT
expires: Thu, 22 Jun 2023 23:26:46 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 404E 39 KB
14 KB 8ms
7ms Script
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109379
accept-ranges: bytes
content-length: 14445
expires: Thu, 22 Jun 2023 23:26:46 GMT

GET
H3 200 03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame D278 50 KB
51 KB 8ms
8ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031527533-1940_500_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:19 GMT
x-content-type-options: nosniff
age: 18508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51681
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:19 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 153B 2 KB
2 KB 21ms
20ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15814361&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f4d59fdeef8ad1e68d7ee5b85f2d1045a443ef33c48d882805aa57f391267508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 21 Jun 2023 17:03:47 GMT
content-length: 1910
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F69C 0
0 41ms
41ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230615&jk=227302566722832&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C5D4 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 11:36:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBC0 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc0ebcS2TZKCCE_3Ax_AP8MGB4AgAAAAAOAHgBAI&bg=!_f6l_qrNAAaGYqkwpmI7ADkAdvg8WgIDQSSAPk0LB9M8ove3iNgyalU-Rz-lCLIszMlAvuR7r4wo9EGXNbEzHNdu1hDfQaAw3lgCAAABG1IAAAACaAEHmQM8M23dQWbz4MS8e5igo8ZCiua5UmwRO1ty5hHlJiMV-s00j2Jn-Q_TTSb7sBaXr76pmqwtTJOLHMnT6N7wOS8vwhrlOODCrVor4XrYm4CsIKYUXV5eGb7YjvFMzxBFT-A4bedNWy1FGxEmBPPP5oUlj4PyAqRtlcnbPum4J3AAxc2lFtmvkWQFVlAgpScb7fxB43b3M9KQlVj5SguWbDGMGojEJh6TG8LvLC37nYf7FIy9n0ysCUPcaHvcxKARnaienbb_RYCB0XbZgeHeVr4YI8azH_-eVa4wtGH5TGzw4QWe6gVip4MduKKO-sCJwSBVYwLfSX_eSLpstfcB_RtArQlb5vuFJj7ZERjJa_6K_xJUO9HKBkcxcGIpE5ySkUjmMw59CtLd4W4VgK5ZMkuc-DigtM_B_unehfJmRbR5RB-60yOcVxcPbB5f5PQrP4A8xDKQJuG6wjaD-XFQBRCqvX6F-sFfAcXnNNch_OqfeRyno6YEHYYUUA9Il1aEybwsH9_a7GQy2DsaVbYPZ8AgnkEdMTDsnEjg1JuvQGLX-OLxJseuIX3hcm_bah8cKG0jEa4GveKXoRrCqpxLe2BI2Dc79A55IdMgeKZADv5YP2YPmaq43i31omiOLV_6U0drESIqd2EqOMP-Y4nKjhum1z2hgbFNApvwz5cD3gT4TB1sqc1QRPKQC8mnCiMvDWpniZm11Lw9_ZbxemBGWnkSYfgEOpzVI2AKpqbpYCJCa0CL35Q-4cIiAAIrrB_l6EmR8eXijcRgYdqo32uHFfA8uXZeYs69jDI29n6G7reBAy69XkLk5OzULrhAvYEwSpmWgGcBM76kx_JSVneNvL8dCVY5YrGPqo2qTvJayAqBxrtZiaFLYSKkbDe0GahdiV5tnQQxEr6RndDyqH-R1Pq6nlqN3bgMBfZN1NNTWgbnhLgDqfFaYGW-UjKji_w8qVn2MIIK06tpAxXELw283Pfak4EhH-jjclC9P2_37aX0j0V5VhTVoIb57j4NPFQ53zof1NfgWX8ThaUMhiZblwiqO1MNHo_Vp_YIbPLDmD3ZgyJg0AWgJSDUDD2R75jH42Q1TwtwvQOKPmiUO1hy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 5DA7 35 B
600 B 23ms
23ms Document
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 21 Jun 2023 17:03:47 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BAD8
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa

42 B
422 B

14ms
13ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Wed, 21 Jun 2023 17:03:47 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3270
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5589260742170955798&gdpr=0&gdpr_consent=

42 B
447 B

20ms
20ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5589260742170955798&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: a48a7f8e-9b68-4c16-82dc-64aee131b175
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:47 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5589260742170955798&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9235
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7247186184439789714&gdpr=0&gdpr_consent=

42 B
220 B

20ms
20ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7247186184439789714&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Wed, 21 Jun 2023 17:03:47 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7247186184439789714&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 05A4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBLVRVN0pKbHNBQUJfR0VjVkoydw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA-TU7JJlsAAB_GEcVJ2w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAA-TU7JJlsAAB_GEcVJ2w&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA-TU7JJlsAAB_GEcVJ2w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7047329588402905016&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA-TU7JJlsAAB_GEcVJ2w&gdpr=0&gdpr_consent=

42 B
278 B

15ms
14ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA-TU7JJlsAAB_GEcVJ2w&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 21 Jun 2023 17:03:47 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA-TU7JJlsAAB_GEcVJ2w&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B932
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TW1pEDX9XsNcY8UojiLEdCU6Ovg&gdpr=0&gdpr_consent=

42 B
300 B

20ms
20ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TW1pEDX9XsNcY8UojiLEdCU6Ovg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Jun 2023 17:03:47 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TW1pEDX9XsNcY8UojiLEdCU6Ovg&gdpr=0&gdpr_consent=

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 153B 95 B
439 B 51ms
23ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CA57F6AE-0E19-4326-BAA9-8F1794321670

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7dadd3affa8f1994-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 153B
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

31ms
31ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:55 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:55 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=CA57F6AE-0E19-4326-BAA9-8F1794321670&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET

/
loada.exelator.com/load/ Frame 153B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bdde43eb43588a9d/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1

0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 153B 0
38 B 11ms
8ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CA57F6AE-0E19-4326-BAA9-8F1794321670&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 CA57F6AE-0E19-4326-BAA9-8F1794321670
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 153B 0
530 B 36ms
33ms Image
text/plain 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CA57F6AE-0E19-4326-BAA9-8F1794321670?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 153B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2e4395-99bc-4397-9f27-8596723f56e1&gdpr=0&gdpr_consent=&gdpr_pd=

1 B
166 B

21ms
20ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2e4395-99bc-4397-9f27-8596723f56e1&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1b2e4395-99bc-4397-9f27-8596723f56e1&gdpr=0&gdpr_consent=&gdpr_pd=
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 153B 0
103 B 40ms
15ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 153B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3792032271343893360&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

21ms
20ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3792032271343893360&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3792032271343893360&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C5D4 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GvhVjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 404E 27 B
360 B 123ms
123ms XHR
application/xml 198.47.127.206
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,&us_privacy=&cb=1687367027028&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.correiodopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.correiodopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-6-21%2017:3:47&ranreq=0.33382687923102816&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367022778,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:47 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.correiodopovo.com.br
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 404E 0
49 B 20ms
20ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367028&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ Frame 4249 0
49 B 25ms
25ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367026&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 4249 43 B
205 B 125ms
123ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=bf1bdcf7&ps_id=356921&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=1&timestamp=1687367027681&ip=146.20.129.46&_disyn=1&ssid=f8f8e992-57b7-4ac9-9a5b-9b7a3c0cd221.1687367022778&uuid=bf1bdcf7-af40-4a8f-8874-aeb60fa5bd13&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7584282
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 4249 43 B
205 B 125ms
123ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=bf1bdcf7&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=33&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1687367027681&ip=146.20.129.46&_disyn=1&ssid=f8f8e992-57b7-4ac9-9a5b-9b7a3c0cd221.1687367022778&uuid=bf1bdcf7-af40-4a8f-8874-aeb60fa5bd13&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6101800
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame 4249 43 B
205 B 170ms
168ms Image
image/gif 35.160.227.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=bf1bdcf7&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1687367027681&ip=146.20.129.46&_disyn=1&ssid=f8f8e992-57b7-4ac9-9a5b-9b7a3c0cd221.1687367022778&uuid=bf1bdcf7-af40-4a8f-8874-aeb60fa5bd13&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2826125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.227.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-227-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-sin.springserve.com/vd/ Frame 4249 43 B
205 B 208ms
206ms Image
image/gif 18.138.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-sin.springserve.com/vd/i?suuid=bf1bdcf7&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=716&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1687367027681&ip=146.20.129.46&_disyn=1&ssid=f8f8e992-57b7-4ac9-9a5b-9b7a3c0cd221.1687367022778&uuid=bf1bdcf7-af40-4a8f-8874-aeb60fa5bd13&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3402595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.182.210 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-182-210.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 4249 43 B
205 B 125ms
123ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=bf1bdcf7&ps_id=356921&event=js_supply_error&time_on_page=750&reason=NO_FILL&timeout=false&timestamp=1687367027681&ip=146.20.129.46&_disyn=1&ssid=f8f8e992-57b7-4ac9-9a5b-9b7a3c0cd221.1687367022778&uuid=bf1bdcf7-af40-4a8f-8874-aeb60fa5bd13&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=d3ba4734-49f0-3f9e-5b17-740c918b2010&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6962780
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D7 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7713214283519&version=m202301230201&ct=76&x=1&cor=10987406926177438000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230615&jk=227302566722832&bg=!9Pel96PNAAaGYqkwpmI7ADkAdvg8Wn3rnklplifBqDFVeHxZsmn2jO5x4PFmK1o5JcLObWt6LH0hH3grPfV4cguBTjX06TqSc_UCAAAAaFIAAAACaAEHmQLcY9Y0tVIUVqZ5fAZBxB7NFjPTEXWgIeNVEowScQYQL3SpIGs0Of-6RQeODLguMmShPWwEiX0nuFVx1P-nJrN-QSyZWHyX9Puzy9dNk8F61vBSXbyC86_e4ubUDS0KP_zoUSoVEcd3DMjLshqdJz8nWLLEg2jnSNX1FPw4TjZoiYxkNeOpN8yn__ez4jM2UvZ4ioENm4ta5n3fTt1Vw7VHrwSQjieZWCe-XK7CDlzHGfdbQwtmbZJB9t3zPN-cudXYQ0nMo_Pl2XfGXB1104I5eQ59j4epDzm7Wzvfkd_--4zGAWOHWMegXzbMxypcEGUafJx5YBfKn0bzBmBEC3YW5hEUOYuZMB8i0FIOYLqzI-Gt45Rhg-tsoTcS645b9jf_cboEP2bBR3c5d6b79xeaR4JFUq3KKNvD3feMWognI06GDnWAY8Z16yn7MmXTJKKWq1QPb4pi265YipTKo_966vyjpQD1roo12cHoOqpeh2BuT10WcA0uJgqc6DT3eYFsQV7nIcbB6sWmagRe-9x26N9TYVYziVpfSEY-PwE5XkSUr1-6fwpiJFxes_uYiWJnQN_oyBW3h66foiuUIEvRoOEy3t9K3rEwKHdkOXfV35NmipNqJ3Vup8MjigfbbBZZJ7jEk0gNox0oR3rUmKLwkuBdfyi2KMkRzmtti1YbDeXKw5JVfvTy1K-rtV7UrseZFKDuHaC-61m9m7LyN16lG6bcs1YfonRMA_sGLAKVJkuBHopNEM-uBsINTgLzkqnIEJanuTZNIcw3dIY5XRgiGxBTD_DVzPV98J_nCoup4h4kUm7JmecBmZlrQd1gmrMtnf6Dh9rgacPlaAXHaM5P9VfyRuHDtYv-U7-xvB6ts_nYn7xF7ynoBhbnmxfp_iqFYIZQjFg9IImmH8SwtlgKLfRsamLjiFv8WZfg7-cDmBWYzRztAQBWEyjTS4qsfln0WU5wJ3dLgJaazLwS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4BBB 443 KB
113 KB 132ms
11ms Script
application/x-javascript 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:30:23 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: W/"64493e86-6ea45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-cf-id: HqO0xLFsmiuY78otxd2S4MQucsG6WCczf6GkPShBmuETrh8-hlRSKw==
expires: Thu, 22 Jun 2023 00:30:23 GMT

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 4BBB 25 KB
25 KB 30ms
12ms XHR
application/octet-stream 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1687367028074
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:08:40 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 25600
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: "64493e86-6400"
content-type: application/octet-stream
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: FFIkW-zg5NQ4TX4Xii_KhsKXERjtnVUjz9AVD-7i-3_-fzRLnAd2rg==
expires: Thu, 22 Jun 2023 04:08:40 GMT

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
518 B 17ms
16ms Image
image/gif 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367028106010-562
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4BBB 301 B
659 B 17ms
17ms XHR
text/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1687367028055065-509
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 4BBB 67 B
469 B 82ms
82ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63943%2C1%2C6283015888660968652381478453%2C%2C&_fw_gdpr_consent=&vav=7f85bbfc247185ee64cd44703fa679bd&vaviv=4804a7d5be4b5b1c381b9d815affec03&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.7.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1687367028112010-600
Expires: Wed, 21 Jun 2023 17:03:48 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:48 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 98ms
98ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmNlNjg5NzM5M2EwZmQyOGE5MjU2OGI3NDUxZmM4Yjc=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmNlNjg5NzM5M2EwZmQyOGE5MjU2OGI3NDUxZmM4Yjc=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YmNlNjg5NzM5M2EwZmQyOGE5MjU2OGI3NDUxZmM4Yjc=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367028075053-523
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=bce6897393a0fd28a92568b7451fc8b7&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

116ms
116ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=bce6897393a0fd28a92568b7451fc8b7&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MG4Z6S5SHFDVH3RSXBGM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=bce6897393a0fd28a92568b7451fc8b7&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367028056082-539
Expires: Wed, 21 Jun 2023 17:03:48 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
902 B 171ms
170ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1687367028145&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1528&pt=1393640203&tz=0&viewable=true&ddast=V8vj0CLAa0TgBLA97b2RNonQCWBry3sy8AAABgYGDnAMk4Jg7HaDlbKwcjh1s0XM3Wwt3G4la5Zi7bYrdwjIzDISAZx8ThGC1na-Vg5HCLhqvZWrjbWNwq18xlW-wWjpFxOAUOU3aaXJaDWiBrmlx-NwhB0-nwue71ut_vrvFbLi-n3-Q3_G1_u8bvtkssfzkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDw7nu1pfd6HB9XnZ_AAAAAAABAAAAQAKAIH69BMBIZ9eJ__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIgm5tTKw5Rw6Rgt0ijAAAAACU6OjgH5mkE1Qsqvz___dbAbgCABCA6J0OZ59Fd1DiLQwAAADAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCRGZmaYJYAADU_AICAKz5BQQAYDNuAADeCMAJOgStGAxWByEWu9lgsVnMDgAAAMCd____fz0g41ytJrbBxrJyDGcm53Kw8qx2y5HJY5stNrvNYHtM_8uqs0WdRfs4TNlpclkOaoGsaXL57WfCFqPVZLJZDmfLxWQwHA1Ho_0ZiMVogCZisFxOJovJbjVajTbD3Wg2WCCBGEwQRYsGk9VoNFlMhqvRZDVbLna7DaJo1Wo22gyGq9lkttuthoPhcjRCE7YYrSaTzXI4Wy4mg-FoOBoNEUw5fJuRceRwCxeW2Vq0mwzWyuVo5tYNV5PZbOPwuIaDtej1MV2MG4tl5fEiwQCRvUieFulENXE4XIPRyLTcmDyzlWthGSxmw4lt45wYFxPHbiKWaE4W6UR22Xecq9XENthYVo7hzORcDlae1W45Mnlss8VmtxnsWw7fZmQcOdzChWW2Fu0mg7VyOZq5dcPVZDbbODyu4WAten1MF-PGYll5_I3ZcLeZ7QaTwb4xG-42s91gMth3mEzP1OdsVF92Io9MNxpuLjub06BwGSzen8S0mHZnB8_vd3Ta1C9lUWf0-_1-v9_v9_v9foPWczAbFL7n8iu-LbbV9e9ZOYgNBkUsEVykE43fcnk5_Sa_4W_7W8QSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf8Rw-zmquFcNZxLRsNVAgAAAAAAAACwBNNMNwEAAABwMpjJaLBbrdOBbDajwWi1XAAR8c26fqjFt1h_tFN2wWZjQOtx6WYVa-yxhvFbLi-n3-Q3_G1_KwOQ4KtnttlnBLFWq2UNAABAABsAAEAAN914ExBmxf3___-PAwAAICOHHgAAwM4-oKuZmZmZmZl_ACrEWq1WtxtrtVo!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2334045&dpubid=324075&abtst=206725b_vA!nonrv_vA!srcol_vA!srcol_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.4/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 51800285a1aa8a493c39a7d9bb3cedbda5a57df3d47cdd379a4fe120b011a8d6

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 21 Jun 2023 17:03:48 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1467
x-cache: MISS
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
server: nginx
x-timer: S1687367028.149587,VS0,VE162
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame B17D 443 KB
113 KB 10ms
10ms Script
application/x-javascript 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:30:23 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: W/"64493e86-6ea45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-cf-id: tBR5XORwEJR0Kf-K0WKbXmkMOIQ35RT5jN2egL3ZTXO9wroLZkQAlw==
expires: Thu, 22 Jun 2023 00:30:23 GMT

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame B17D 25 KB
25 KB 12ms
11ms XHR
application/octet-stream 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1687367028238
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:08:40 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 25600
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: "64493e86-6400"
content-type: application/octet-stream
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: iu499KrP2q8MRnFw2cz4DAUESKZAC9pT6o6iROVcRPdGK1shkT7c9g==
expires: Thu, 22 Jun 2023 04:08:40 GMT

GET auto-user-sync
ads.stickyadstv.com/ Frame B17D 0
0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
519 B 28ms
27ms Image
image/gif 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367028175078-514
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame B17D 301 B
659 B 23ms
22ms XHR
text/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1687367028204090-557
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame B17D 67 B
469 B 48ms
48ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63943%2C1%2C8660968652381478453129366206%2C%2C&_fw_gdpr_consent=&vav=4586f9f7ca5246310f1a03d501c96a0b&vaviv=3cdb73fe35c630f28c78cba888a0c5fc&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.7.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1687367028252027-503
Expires: Wed, 21 Jun 2023 17:03:48 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 98ms
98ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:48 GMT
server: nginx

GET user-matching
ads.stickyadstv.com/ Frame B17D 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTU4YTE1NmQzODVmMzZlNTUzNGY4OTkxOTUzOTVkNw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTU4YTE1NmQzODVmMzZlNTUzNGY4OTkxOTUzOTVkNw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTU4YTE1NmQzODVmMzZlNTUzNGY4OTkxOTUzOTVkNw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367028328060-503
Expires: Wed, 21 Jun 2023 17:03:48 GMT

GET user-matching
ads.stickyadstv.com/ Frame B17D 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=15fc2893e957cdf248b92e10d7ed7eb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

125ms
124ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=15fc2893e957cdf248b92e10d7ed7eb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3TXJYA1E393QXRZZVKPY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=15fc2893e957cdf248b92e10d7ed7eb&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367028376004-538
Expires: Wed, 21 Jun 2023 17:03:48 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:48 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 5400 0
170 B 97ms
96ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 5 KB
3 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7574746098446268149/0222c204667789ce9432cf06f1e011de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 05:42:58 GMT

GET
H3 200 7985a8fae9d997cd9a63e225431a4af3.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 16 KB
16 KB 8ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/7985a8fae9d997cd9a63e225431a4af3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29943d672e2751b1ae9026caa3a7376157b88340b62cd40bc2c62d39c52ad635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:36:44 GMT
x-content-type-options: nosniff
age: 41224
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15949
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 05:36:44 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7574746098446268149/fonts/ Frame 7D5D 172 KB
75 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 09:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 09:12:03 GMT

GET
H3 200 0d5eac5857e5c31690ec313613a50dc9.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 7 KB
7 KB 12ms
12ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/0d5eac5857e5c31690ec313613a50dc9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96e51785834f5f8d7725e321a0b023b9f27e02e5ddc397f94cabfe0ffac4a641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 15:33:21 GMT
x-content-type-options: nosniff
age: 5427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7374
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 15:33:21 GMT

POST
H2 200 unitsanalytics Show response
vidanalytics.taboola.com/putes/ 2 B
194 B 271ms
72ms Fetch
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidanalytics.taboola.com/putes/unitsanalytics
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 21 Jun 2023 17:03:48 GMT
via: 1.1 varnish
x-backend-name: 5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server: nginx
x-timer: S1687367029.934596,VS0,VE65
x-cache: MISS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-served-by: cache-fra-eddf8230087-FRA

GET
H2 200 ad Show response
v.lkqd.net/ Frame 4601 2 KB
2 KB 94ms
94ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=16213452&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 499861b6417beda06c09c4f8a4a4f3f37cf246782ff4bce5a3dd4a5bef5704b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:48 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1417

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame C2C6 230 KB
61 KB 10ms
10ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1687367028.cds231.fr8.hn,1687367028.cds333.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 6003 89 KB
89 KB 9ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=93KdxgAicU&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H2 200 dc_oe=ChMIyJrz_-vU_wIVbJL9Bx0r3gv-EAAYACCrvfdKQhMI8K2j_-vU_wIVuZP9Bx2sdgar;stragg=1;&timestamp=1687367029000;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame D449 42 B
401 B 104ms
43ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyJrz_-vU_wIVbJL9Bx0r3gv-EAAYACCrvfdKQhMI8K2j_-vU_wIVuZP9Bx2sdgar;stragg=1;&timestamp=1687367029000;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 1FAF 4 KB
2 KB 13ms
12ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Wed, 21 Jun 2023 17:03:49 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1687367029.cds231.fr8.hn,1687367029.cds288.fr8.c

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 99ms
99ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=16213452&m=&rtv=1&thost=www.correiodopovo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx

POST
H2 200 ad Show response
v.lkqd.net/ Frame C2C6 61 KB
5 KB 523ms
523ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=16213452&m=&rtv=1&thost=www.correiodopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b7d70dedd947222451c2f1d9c8f59eafecf8ec3598a687ebb03cc957416e6a38

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4935

GET
H2

200

cs
cs.lkqd.net/ Frame 1FAF
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
date: Wed, 21 Jun 2023 17:03:49 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 1FAF 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 1FAF 43 B
308 B 94ms
93ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 1FAF
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 1FAF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=TW1pEDX9XsNcY8UojiLEdCU6Ovg
Date: Wed, 21 Jun 2023 17:03:49 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 101ms
101ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 58A2 89 KB
89 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=y1rcCyjlwO&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H2 200 dc_oe=ChMIsruTgOzU_wIVhqH9Bx3AywYJEAAYACCrvfdKQhMI9OPC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029457;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 2EA9 42 B
107 B 44ms
44ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsruTgOzU_wIVhqH9Bx3AywYJEAAYACCrvfdKQhMI9OPC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029457;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame A6A2 89 KB
89 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=QO2mJ3msF6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 dc_oe=ChMIzLSZgOzU_wIVbJL9Bx0r3gv-EAAYACCrvfdKQhMI9-PC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029493;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 6B9E 42 B
63 B 45ms
45ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzLSZgOzU_wIVbJL9Bx0r3gv-EAAYACCrvfdKQhMI9-PC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029493;str=Show%20Slide%200;strtype=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame 5632 89 KB
89 KB 8ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=98lqtTCVOC&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 dc_oe=ChMIl7uZgOzU_wIVVomDBx1MJACqEAAYACCrvfdKQhMI-OPC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029495;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C4B6 42 B
63 B 44ms
43ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIl7uZgOzU_wIVVomDBx1MJACqEAAYACCrvfdKQhMI-OPC_-vU_wIVFZ79Bx1bJQxV;stragg=1;&timestamp=1687367029495;str=Show%20Slide%200;strtype=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
366 B 202ms
118ms XHR
application/xml 18.194.142.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C11061925191807244183748889773,,&tg_c.language=es&width=400&height=225
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.142.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-142-62.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.correiodopovo.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 3549

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
183 B 146ms
108ms XHR
text/xml 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&cb=1717848427&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C18072441837488897731546084082,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 814 B
1 KB 18ms
18ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C450854041807244183748889773,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d8b8ffb2ed949f2ec3126e84eb7c20da59f51f38bf678c3bd72ab8143b7528aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:49 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 814
x-sticky-vk: 1687367029636037-580
Expires: Wed, 21 Jun 2023 17:03:49 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 20ms
20ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C1807244183748889773179526309%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7808b0a021a846cfe4ef6005d42843e8ac96a956a16a4423134e51f7cd5b81c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:49 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Cneonction: close
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1687367029615058-603
Expires: Wed, 21 Jun 2023 17:03:49 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 17ms
17ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C63943%2C1%2C18072441837488897731401043377%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 327f0669540533394b070367fed757e00b3ef7ed5a30a673904861dd219134f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:49 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1687367029611059-527
Expires: Wed, 21 Jun 2023 17:03:49 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:49 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 99ms
98ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C2C6 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vpaid_3bc8d9fc.js Show response
vpaid.springserve.com/production/ Frame F9EA 521 KB
91 KB 8ms
8ms Script
application/javascript 2600:9000:206f:e800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:49:54 GMT
content-encoding: br
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 22:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1214035
etag: W/"a29292a78266a1cc6eb74cbf0c848fb0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: FYErT8NbRTSUzuS6zSzMz7ukReRDF5FqMZw6u-KPgnCkaJJnC8SZNA==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame F9EA 984 B
851 B 10ms
9ms XHR
application/xml 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64d41602eee2aa7d37aa60a1bac90f26d56b06d57c09071c36f97f4bf4b2b0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
content-encoding: gzip
server: Apache
etag: "23da-5f762218eccb9-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 609
expires: Wed, 21 Jun 2023 17:03:49 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 97ms
96ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:50 GMT
server: nginx

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame EBC2 159 KB
38 KB 7ms
7ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H/1.1 200
OK 0d2ab486-745b-45cf-991c-8d91aa3e3e5f Show response
api.soclminer.com.br/v2.1/customers/ 882 B
1 KB 460ms
108ms XHR
application/json 54.172.233.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.soclminer.com.br/v2.1/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f?format=json&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&referrer=&paramOnSession=&isMobile=false
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.233.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-233-79.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ServiceStack/3,971 Win32NT/.NET, ASP.NET
Resource Hash: 5024e3cca320577600386c33e3642f1dd299181481dfb195f3a21318bcc1b28c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 17:03:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ServiceStack/3,971 Win32NT/.NET, ASP.NET
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, JSNLog-RequestId
Content-Length: 882

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AB0B 39 KB
14 KB 8ms
7ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109376
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Wed, 21 Jun 2023 17:03:50 GMT
expires: Thu, 22 Jun 2023 23:26:46 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EBC2 39 KB
14 KB 10ms
9ms Script
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109376
accept-ranges: bytes
content-length: 14445
expires: Thu, 22 Jun 2023 23:26:46 GMT

GET
H3 200 03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png
s0.2mdn.net/4528404/ Frame D278 89 KB
89 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031531062-1940_500_stoerer-gbplus2722f639-478f-4d75-bfc4-f30d15c3fc22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5358810056708269933/1676550659977.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5358810056708269933/index.html?e=69&leftOffset=0&topOffset=0&c=05DiAdvTqZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 11:55:18 GMT
x-content-type-options: nosniff
age: 18512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91120
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:15:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 11:55:18 GMT

GET
H3 200 dc_oe=ChMI4P6YgezU_wIVfeARCB3wYACMEAAYACCrvfdKQhMIlNLCgOzU_wIVIov9Bx3RkALz;stragg=1;&timestamp=1687367030087;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame A9D7 42 B
63 B 52ms
47ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4P6YgezU_wIVfeARCB3wYACMEAAYACCrvfdKQhMIlNLCgOzU_wIVIov9Bx3RkALz;stragg=1;&timestamp=1687367030087;str=Show%20Slide%200;strtype=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AB0B 2 KB
2 KB 21ms
21ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43284042&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8d7b1a3e07ff3f0b915760ae1ac63b8410592bee3a89553a3bf8f73a6423a93b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 21 Jun 2023 17:03:50 GMT
content-length: 1635
content-type: text/html; charset=UTF-8

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 568C 85 B
259 B 97ms
97ms Document
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Wed, 21 Jun 2023 17:03:50 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1687367030.215341,VS0,VE89

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame A033 43 B
283 B 91ms
21ms Document
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Wed, 21 Jun 2023 17:03:50 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-10

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 1343 43 B
312 B 43ms
15ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Wed, 21 Jun 2023 17:03:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame BF26 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0ED1
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

21ms
20ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Wed, 21 Jun 2023 17:03:50 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame D0DD 43 B
279 B 294ms
201ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Wed, 21 Jun 2023 17:03:50 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-cd427d0a9d88@version_1.556v2
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A721
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=

42 B
363 B

26ms
26ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:49 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 i.match Show response
a.tribalfusion.com/ Frame BAC5 43 B
641 B 189ms
189ms Document
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7dadd3c2e8a81d8a-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:50 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame AB0B 0
187 B 42ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AB0B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c7450c6b-5486-4e5c-b766-34bf5986541f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

21ms
21ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c7450c6b-5486-4e5c-b766-34bf5986541f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c7450c6b-5486-4e5c-b766-34bf5986541f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Wed, 21 Jun 2023 17:03:50 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

POST
H2 204 perf Show response
am-trc-events.taboola.com/correiodopovo/log/3/ 0
252 B 15ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/correiodopovo/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230620-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
304 B 723ms
422ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.correiodopovo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Date: Wed, 21 Jun 2023 17:03:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 crawler.js Show response
static.socialminer.com/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f/crawler/ 21 KB
7 KB 69ms
25ms Script
application/javascript 2606:4700:20::ac43:4663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.socialminer.com/customers/0d2ab486-745b-45cf-991c-8d91aa3e3e5f/crawler/crawler.js
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee35020849ff3b061d9281af944309fa2a45f1c9dd6ed71b0c22849e6e3d2bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H7J29EM47HPCMC2M
age: 13841
x-amz-id-2: zkD3pDgimk1LkRljk0Rw9eUtWcusExKKNWuPc/zHFk5uDiGaN8kXR7VKl5Jtozkb9gLelNVom+c=
last-modified: Tue, 01 Sep 2020 20:51:53 GMT
server: cloudflare
etag: W/"eaa86ce499c35f2a99d1205b9ff2a30b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDdIqQMDtRIQ06Za9iEJmj7C80oOXHYwykfxs%2FVo52hOnn%2BMs%2BNFMCjDMcet5c0hceP4%2F64uKYKBP%2B3%2BDgbpaSAZLSHnLPloKJXGRxMPXN3kUQ7bHjU82LpOL36axnVazsyTraXXpGBxcnFODjF2mduKLIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7dadd3c51b47bb65-FRA

GET
H2 200 view.min.html Show response
plugins.soclminer.com.br/v3/sdk/tracking/html/ Frame 5D4C 2 KB
1 KB 249ms
248ms Document
text/html 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a3391f6cdf18fd1fd8b39994ef4ed0d2583f56a6210624d1cf48a4ef606ba6

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
cf-cache-status: MISS
cf-ray: 7dadd3c4de11364b-FRA
content-encoding: br
content-type: text/html
date: Wed, 21 Jun 2023 17:03:50 GMT
last-modified: Wed, 25 Apr 2018 19:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m91xKowsASnWmFgGAVCj9bbkX6O%2Fuzsiecwkr5tApw3MWHT6p98%2FXE64Dg302lqv5%2FlBPb0qyIlQgbceGyoSCSi9z7t2E%2B6Nb7k6lertwMvMP7a08GqBp42feOEdH%2B2nz%2BUWfeqZveG4Q64cMQK56Z150ZnYuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: nnVMgy+J1iPbSHtbcIJOEOcoVVfYkG1L5p/B4xa7TcvkMI1wIcpwRTiLZe7j1TGoShA39At/pB4=
x-amz-request-id: YVMSQ09HHX1FNS2P

GET
H2

200

default.js Show response
static.socialminer.com/custom/
Redirect Chain

https://static.socialminer.com/custom/0d2ab486745b45cf991c8d91aa3e3e5f/custom.js
https://static.socialminer.com/custom/default.js

0
418 B

15ms
15ms

Script
application/javascript

2606:4700:20::ac43:4663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.socialminer.com/custom/default.js
Protocol: H2
Server: 2606:4700:20::ac43:4663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
x-amz-version-id: null
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 03DX63CCEHYQKCJ9
age: 15539
content-length: 0
x-amz-id-2: Rn4xMObPvpmdunrJHuNHswHKvtFyDAL+H2ieWecirzi8kq2mcO/CxrKy1dYIcDTSIukDe+O3f+c=
last-modified: Mon, 27 Jan 2020 21:15:06 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFtjx1XCBQi%2BVjqSpaLiQMb3JMz8uwVSE7BdyoVvD4isGqCCaBnVSmxiKgZ0by%2BnwaWDw9M91jMjEw51suZ9gpd6QnXT7UUY2J66g38btmDGCdss5zL3WrTZiUt3h%2FpHRx47FVMLJLO%2Fc%2BPVSrfth3TB%2BHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7dadd3c53b60bb65-FRA

Redirect headers

date: Wed, 21 Jun 2023 17:03:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: ESKKY05MPSP5TN26
age: 11644
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NF0sjDUC2jloorsqBQfIAfLxMu1yjpThQb%2FFW%2FRp%2Fpl3oD1IOLEHMrv4njyNRV2%2ByI%2BjmUyat9F4MFz%2FZ1kQzgcjjFNOwNDziIJdfQdSqggSbMfE9Yupa3dV0qN8N1TYqo%2BnMJkDskALlYtLGFbwaUo3vY%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.socialminer.com/custom/default.js
cache-control: max-age=86400
cf-ray: 7dadd3c51b49bb65-FRA
content-length: 0
x-amz-id-2: qaleShgXwp5EoiIaNNHnofMBrxte8zXGB3CY4/2dcofr3cUp8fY+jeXJFmpXzGLdcGq0qdYvgJQ=

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame EBC2 27 B
360 B 88ms
87ms XHR
application/xml 198.47.127.206
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,&us_privacy=&cb=1687367030073&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.correiodopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.correiodopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-6-21%2017:3:50&ranreq=0.7550267128007826&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.correiodopovo.com.br
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame EBC2 0
49 B 20ms
20ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367031&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ Frame F9EA 0
49 B 20ms
19ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367029&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 i
vid-io-sin.springserve.com/vd/ Frame F9EA 43 B
205 B 208ms
207ms Image
image/gif 18.138.182.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-sin.springserve.com/vd/i?suuid=c3565900&ps_id=356921&event=js_opportunity&time_on_page=0&num_bq_pt=1&num_dt_pt=1&timestamp=1687367030693&ip=146.20.128.111&_disyn=1&ssid=d0e99f4e-4cb0-46c0-aff5-6a779f410922.1687367029424&uuid=c3565900-e427-40d9-8272-eb0f944f7c47&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9837948
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.182.210 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-182-210.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame F9EA 43 B
206 B 120ms
31ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=c3565900&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=111&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1687367030693&ip=146.20.128.111&_disyn=1&ssid=d0e99f4e-4cb0-46c0-aff5-6a779f410922.1687367029424&uuid=c3565900-e427-40d9-8272-eb0f944f7c47&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6199704
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame F9EA 43 B
205 B 121ms
31ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=c3565900&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1687367030693&ip=146.20.128.111&_disyn=1&ssid=d0e99f4e-4cb0-46c0-aff5-6a779f410922.1687367029424&uuid=c3565900-e427-40d9-8272-eb0f944f7c47&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5231279
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame F9EA 43 B
205 B 169ms
168ms Image
image/gif 35.160.227.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=c3565900&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=651&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1687367030693&ip=146.20.128.111&_disyn=1&ssid=d0e99f4e-4cb0-46c0-aff5-6a779f410922.1687367029424&uuid=c3565900-e427-40d9-8272-eb0f944f7c47&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=6929046
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.227.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-227-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame F9EA 43 B
205 B 101ms
100ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=c3565900&ps_id=356921&event=js_supply_error&time_on_page=764&reason=NO_FILL&timeout=false&timestamp=1687367030693&ip=146.20.128.111&_disyn=1&ssid=d0e99f4e-4cb0-46c0-aff5-6a779f410922.1687367029424&uuid=c3565900-e427-40d9-8272-eb0f944f7c47&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8118517
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 pajs.min.js Show response
plugins.soclminer.com.br/v3/assets/js/ Frame 5D4C 6 KB
2 KB 19ms
19ms Script
application/x-javascript 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/assets/js/pajs.min.js
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be97ade1a009ba58f04b22da4007db70e29ad3ecc437bede28f13a2481bc5536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 14:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 8Z5GWZHNNVS5E0CM
age: 23248
etag: W/"7002afde1f637ef2c8b0b1387791814e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lplkfnvHzNu4k%2FXzuKxVPkzpvFTS3kXrAWBHyvQcNCz%2FPMxZx1t6SEr3XpQwWTLbywOng1QROD0YfpuESsi9subm8RppqmclPaLrMNp5YnL1sUrssNGrBEnKSZl8P%2BHRGG9rBuBkCwR7nut093JAwRs9muRpWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
cf-ray: 7dadd3c67804364b-FRA
x-amz-id-2: UD2N+TO1qByOUL/uvdApZJQsExk6HLWcmkUCl3hGLRHP/zD1PJz9IW944cWHIwBcqbbNro99srs=

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ Frame 5D4C 236 KB
75 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c906925b8d82d84cb2cfa4adc4caac30c7f7d012419e13641be6d141be94c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plugins.soclminer.com.br/v3/sdk/tracking/html/view.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&gaEnabled=true&pushNativeEnabled=false&smuid=undefined&v=106&clientId=0cac0779-95ad-4b69-a475-24b14fa669b1&sessionHash=d9c1230c50c5a1920088fb5b1943c767f3c4d574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 21:16:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 2GV2MPWVZ6PMSJJ2
age: 25379
etag: W/"14615e7516405fbac150b0ce881e46c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F9quiktBr4bn4UF3Vm3fuPc0AJ3DJvqR7zhrRjfUjJVkbIu7DK00CEaTuIBx%2BGUwmoL1JIBDCXyo6FcdzR5uPVt935Ht8EskYSM3z%2B%2BN4ZMADnuq4qYW3jA5c5C07Xr2Vpd9irb4H1CeKHteG2RvJD2IPwikg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7dadd3c67808364b-FRA
x-amz-id-2: rovMGjSaNKeJarKLRMAMchQwwg0wKFeCBuGDrBiOhaAYH2l8Lva2wP7kR32PxJbVlIduC1T6NRw=

GET
H2 200 vpaid_3bc8d9fc.js Show response
vpaid.springserve.com/production/ Frame 17BD 521 KB
91 KB 30ms
10ms Script
application/javascript 2600:9000:206f:e800:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e800:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:49:54 GMT
content-encoding: br
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 22:03:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1214036
etag: W/"a29292a78266a1cc6eb74cbf0c848fb0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: We0amephudTYNZhaXXoYrWq602La_e27JnpAyfU04imG4cw27lvzBw==

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 98ms
97ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:51 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 96ms
96ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:51 GMT
server: nginx

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 17BD 984 B
851 B 17ms
5ms XHR
application/xml 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 97c982c685bffd399186a8b168d5da818f4c9a34e3b7cd465ccebda48444894f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:51 GMT
content-encoding: gzip
server: Apache
etag: "23da-5f762218eccb9-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 610
expires: Wed, 21 Jun 2023 17:03:51 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D2C0 159 KB
38 KB 12ms
12ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:51 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F28F 39 KB
14 KB 13ms
13ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=109375
content-encoding: gzip
content-length: 14445
content-type: text/html
date: Wed, 21 Jun 2023 17:03:51 GMT
expires: Thu, 22 Jun 2023 23:26:46 GMT
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D2C0 39 KB
14 KB 13ms
13ms Script
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:51 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 06:09:28 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=109375
accept-ranges: bytes
content-length: 14445
expires: Thu, 22 Jun 2023 23:26:46 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F28F 809 B
1 KB 21ms
21ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99319760&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 17feceb42ef4b48f790946784ac7643a607ee672fb3aee094550142510d7645b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 21 Jun 2023 17:03:50 GMT
content-length: 809
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4CFE
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhQQnWYnhWYVSSgRQ&gdpr=0&gdpr_consent=

42 B
281 B

14ms
14ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhQQnWYnhWYVSSgRQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhQQnWYnhWYVSSgRQ&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EE16
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://ad.turn.com/r/cs?pid=45&rndcb=765628785
https://sync.1rx.io/usersync/turn/3792032271343893360?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003

42 B
332 B

29ms
28ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Wed, 21 Jun 2023 17:03:51 GMT
etag: RXec8a09f109fe47dc8deb60a9efac3cb2003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame A8B1 0
0 66ms
15ms Document
text/plain 162.55.120.196

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 -, , ASN (),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Date: Wed, 21 Jun 2023 17:03:51 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 01FB
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D591207245924888BE3C3131620A3141&gdpr=0&gdpr_consent=

1 B
53 B

20ms
20ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D591207245924888BE3C3131620A3141&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Wed, 21 Jun 2023 17:03:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Wed, 21 Jun 2023 17:03:51 GMT
expires: Tue, 20 Jun 2023 17:03:51 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D591207245924888BE3C3131620A3141&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F28F
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5589260742170955798

42 B
95 B

21ms
20ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5589260742170955798
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 21 Jun 2023 17:03:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 21 Jun 2023 17:03:51 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.248; 37.58.58.248; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3ed28dc5-b225-49ad-a02c-411ec84fd59d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5589260742170955798
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.min.html Show response
correiodopovo.soclminer.com.br/00000000000000000000000000000000/ Frame 11D5 1 KB
868 B 35ms
23ms Document
text/html 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Requested by: Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4217f2c8e10b25a869b1a649dd5b15ca1fe010e85a912f6095a130a4606ea55

Request headers

Referer: https://www.correiodopovo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21517
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 7dadd3cb2d2c364b-FRA
content-encoding: br
content-type: text/html
date: Wed, 21 Jun 2023 17:03:51 GMT
last-modified: Wed, 07 Oct 2020 13:58:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLyoEJyrU3X1DYmR9YpA4CpEeV0n9eY3XjimY8PWgkayPafiU%2Bb7vxtrr3AbhftOiQUtINUML6GHZ2u6lVQxIXGadNwCTnag8Z2j7669YQQ9NB9dqcpFSUfqlaXcAKPQMkn04uiWPH7KT6%2Bda0Jr0B8W0d%2BqkTzl5uTncA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: OiVX5qWb3i0JocW5SMUkZYvO5DfHZxierzPmoUUw4ulrOmFKUFdUOk92o4yO+aC/M7qdjdFC+SA=
x-amz-request-id: RM4YJHSK418V8KFB

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame D2C0 27 B
360 B 131ms
130ms XHR
application/xml 198.47.127.206
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,&us_privacy=&cb=1687367031110&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.correiodopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.correiodopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-6-21%2017:3:51&ranreq=0.5379975669285659&timezone=0&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&schain=1.0,1!vidoomy.com,63943,1,1687367029424,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.206 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:51 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.correiodopovo.com.br
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ Frame 11D5 236 KB
75 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:494b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: correiodopovo.soclminer.com.br
URL: https://correiodopovo.soclminer.com.br/00000000000000000000000000000000/index.min.html?appId=623820585193456&id=0d2ab486745b45cf991c8d91aa3e3e5f&name=Correio%20do%20Povo&pluginId=00000000000000000000000000000000&version=0&dns=correiodopovo&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&hasOptIn=false&isMobile=false&gaEnabled=true&googleApp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:494b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c906925b8d82d84cb2cfa4adc4caac30c7f7d012419e13641be6d141be94c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodopovo.soclminer.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 21:16:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 2GV2MPWVZ6PMSJJ2
age: 25380
etag: W/"14615e7516405fbac150b0ce881e46c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmogUjXGp6DRoF1%2BO0mKAbgggSN3fAlUCJkS0PcoZxL2U5%2BcCliNRMWYFfRG%2FNQSHlq%2F6DQZTgenCXBDoQ6JU0ag9tsM%2FHt2zg3KSKxnBJKcohWY81JHF3Yhrn4Ei3a%2FqBEi3IpoWsxUg35cb0cOOy7%2Bng4zug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7dadd3ccdf97364b-FRA
x-amz-id-2: rovMGjSaNKeJarKLRMAMchQwwg0wKFeCBuGDrBiOhaAYH2l8Lva2wP7kR32PxJbVlIduC1T6NRw=

GET
H2 200 track
st.pubmatic.com/ Frame D2C0 0
49 B 19ms
19ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367032&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ Frame 17BD 0
49 B 21ms
19ms Image
text/plain 185.64.190.89
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1687367031&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Jun 2023 17:03:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 17BD 43 B
205 B 32ms
30ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=ffae5257&ps_id=356921&event=js_opportunity&time_on_page=1&num_bq_pt=1&num_dt_pt=1&timestamp=1687367031956&ip=146.20.128.111&_disyn=1&ssid=83263722-8e6c-4fd9-a02d-03a50f13bcd7.1687367029424&uuid=ffae5257-c303-47a2-8f15-87ed457b0b80&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=8764069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 17BD 43 B
205 B 32ms
31ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=ffae5257&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=20&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1687367031956&ip=146.20.128.111&_disyn=1&ssid=83263722-8e6c-4fd9-a02d-03a50f13bcd7.1687367029424&uuid=ffae5257-c303-47a2-8f15-87ed457b0b80&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5021240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 17BD 43 B
205 B 33ms
32ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=ffae5257&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=1&timestamp=1687367031956&ip=146.20.128.111&_disyn=1&ssid=83263722-8e6c-4fd9-a02d-03a50f13bcd7.1687367029424&uuid=ffae5257-c303-47a2-8f15-87ed457b0b80&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5702066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 17BD 43 B
205 B 107ms
105ms Image
image/gif 54.205.191.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=ffae5257&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=875&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1687367031956&ip=146.20.128.111&_disyn=1&ssid=83263722-8e6c-4fd9-a02d-03a50f13bcd7.1687367029424&uuid=ffae5257-c303-47a2-8f15-87ed457b0b80&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2262774
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-191-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 17BD 43 B
205 B 32ms
31ms Image
image/gif 54.77.72.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=ffae5257&ps_id=356921&event=js_supply_error&time_on_page=897&reason=NO_FILL&timeout=false&timestamp=1687367031956&ip=146.20.128.111&_disyn=1&ssid=83263722-8e6c-4fd9-a02d-03a50f13bcd7.1687367029424&uuid=ffae5257-c303-47a2-8f15-87ed457b0b80&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&did=ad481023-557a-5df1-f3ed-3d7d73eb0a92&_rcc=bs.111772_vp.110514&d=correiodopovo.com.br&w=400&h=225&cc=US&dtnum=1&ss_region=pdx&a_cc=s.356921&d_m=www.correiodopovo.com.br&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=9891375
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.72.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-72-186.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 21 Jun 2023 17:03:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame CA10 443 KB
113 KB 12ms
12ms Script
application/x-javascript 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:30:23 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: W/"64493e86-6ea45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-cf-id: 03ZtDjdmUYJQbh0OSRB4uwQecED4rob9TJSLc9E___o9Tl1ibABfoQ==
expires: Thu, 22 Jun 2023 00:30:23 GMT

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame CA10 25 KB
25 KB 12ms
11ms XHR
application/octet-stream 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1687367032116
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:08:40 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 25600
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: "64493e86-6400"
content-type: application/octet-stream
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 1K0WH1YUp3e55k3-cBSfq0dzImCKLTVYZteilDiL3gfl5rxrJ5k_WA==
expires: Thu, 22 Jun 2023 04:08:40 GMT

GET auto-user-sync
ads.stickyadstv.com/ Frame CA10 0
0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
517 B 38ms
38ms Image
image/gif 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367032077061-511
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame CA10 301 B
659 B 24ms
24ms XHR
text/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1687367032097066-566
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame CA10 67 B
469 B 56ms
56ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63943%2C1%2C450854041807244183748889773%2C%2C&_fw_gdpr_consent=&vav=93a0344eeeeeac44cfc95aa67fc548ce&vaviv=d3a3078f41cca81931d17a291ba15a9e&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.7.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1687367032157001-546
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET user-matching
ads.stickyadstv.com/ Frame CA10 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjU2OTljY2EzOTgyMDEyM2Q3MmE3ZTYyYTViYmEy&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjU2OTljY2EzOTgyMDEyM2Q3MmE3ZTYyYTViYmEy&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MjU2OTljY2EzOTgyMDEyM2Q3MmE3ZTYyYTViYmEy&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367032113075-584
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET user-matching
ads.stickyadstv.com/ Frame CA10 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=70e2c0ff2fbeedce3a7d9afe55f236&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

119ms
119ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=70e2c0ff2fbeedce3a7d9afe55f236&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RWZ183BN8H5T9BCNP22P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=70e2c0ff2fbeedce3a7d9afe55f236&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367032106079-590
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET
H2 200 vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame D831 443 KB
113 KB 10ms
9ms Script
application/x-javascript 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 00:30:23 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: W/"64493e86-6ea45"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-cf-id: z9oEM9SdRLAuZIsoP8dfqyYEIKfR6rEKgMiXPMvMfdkU9dYQ7VBLbg==
expires: Thu, 22 Jun 2023 00:30:23 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:52 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 97ms
97ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame D831 25 KB
25 KB 14ms
14ms XHR
application/octet-stream 2600:9000:223d:c400:19:c363:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1687367032231
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:c400:19:c363:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:08:40 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 25600
last-modified: Wed, 26 Apr 2023 15:08:54 GMT
server: CloudFront
etag: "64493e86-6400"
content-type: application/octet-stream
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: Jv8t9WoK939js6k-LcpMEPwPS2w5sfxDb6_RrG8avrFh-gtkMh0ERw==
expires: Thu, 22 Jun 2023 04:08:40 GMT

GET auto-user-sync
ads.stickyadstv.com/ Frame D831 0
0

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
518 B 18ms
18ms Image
image/gif 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1687367032230008-521
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame D831 301 B
659 B 20ms
20ms XHR
text/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1687367032220060-516
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame D831 67 B
469 B 51ms
51ms XHR
application/xml 2.16.202.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C63943%2C1%2C1807244183748889773179526309%2C%2C&_fw_gdpr_consent=&vav=dd99f3620af64f39e4b5e702eb508702&vaviv=1c71009680a6258b2034ad3478824022&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.7.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1687367032239028-595
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET user-matching
ads.stickyadstv.com/ Frame D831 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Mjg2MDMyZTVkZjFiZDFhOTZkYjcyMzU2NDRjOTc0Mw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Mjg2MDMyZTVkZjFiZDFhOTZkYjcyMzU2NDRjOTc0Mw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 17:03:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Mjg2MDMyZTVkZjFiZDFhOTZkYjcyMzU2NDRjOTc0Mw==&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367032242042-579
Expires: Wed, 21 Jun 2023 17:03:52 GMT

GET user-matching
ads.stickyadstv.com/ Frame D831 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=d9c2847dd5f4bdc4809181c56a9ee957&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

129ms
116ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=d9c2847dd5f4bdc4809181c56a9ee957&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 77E3B6NWWNAAVSKJJ51A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 17:03:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=d9c2847dd5f4bdc4809181c56a9ee957&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1687367032237081-575
Expires: Wed, 21 Jun 2023 17:03:52 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 95ms
95ms Preflight
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Jun 2023 17:03:52 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame B44C 0
170 B 97ms
96ms XHR
text/plain 146.20.132.167
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.167 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Wed, 21 Jun 2023 17:03:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 7985a8fae9d997cd9a63e225431a4af3.png
s0.2mdn.net/sadbundle/7574746098446268149/media/ Frame 7D5D 16 KB
16 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7574746098446268149/media/7985a8fae9d997cd9a63e225431a4af3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29943d672e2751b1ae9026caa3a7376157b88340b62cd40bc2c62d39c52ad635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7574746098446268149/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 05:36:44 GMT
x-content-type-options: nosniff
age: 41228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15949
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 15:49:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 05:36:44 GMT

GET
H2 200 ad Show response
v.lkqd.net/ Frame 4601 2 KB
2 KB 98ms
98ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=43191907&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3dc940e1e8941a2b95f07719a2243ab472affc7327fe0cb72f53710cbd8c651

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:52 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1418

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5D4C 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: plugins.soclminer.com.br
URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5378cdcad7b920a5ab73d5bf1ccf7b764042c37f4c064367b352b3fe1f8c25b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plugins.soclminer.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:52 GMT
content-md5: SYqb+tW5yH5LSErMqweg8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-debug: xpbtPZUZkCeVQDK1wskzr79P1FZQcv6AyMCDW2ecyGaZWRl5kXxSz5VqE1e814cBpdl9AASODTkT6Xe0ER+BUQ==
x-fb-content-md5: f2edc8932c57ace2bc89cb2a40dc220b
cross-origin-opener-policy: same-origin-allow-popups
etag: "ccab8aeaa818adbd78fbd3bfeff6b42c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 21 Jun 2023 17:20:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5D4C 301 KB
85 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=778d486ce8428b3c8cfda6a00124778a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e10903b1e36b3713d8272128121e7453439c89947befd7869b479b3090990ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://plugins.soclminer.com.br/
Origin: https://plugins.soclminer.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Jun 2023 17:03:52 GMT
content-md5: Tkv0MVFnHAZi4Fs3o6rrdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87248
x-fb-debug: 8bPmpDbXicx/zg7bSUp6wN077tutxvClbSHKvNarTBKwaN/nvP7j1hYyhbfJDga4MCxame+bwye0lyQFzkkfjQ==
x-fb-content-md5: 11c0c4e7da42e3f8fb47d6a987c16106
cross-origin-opener-policy: same-origin-allow-popups
etag: "f6c62b01d994a24537ea1f0e6ae23129"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 20 Jun 2024 15:40:06 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ Frame 5D4C 0
0 37ms
37ms Fetch
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=623820585193456&input_token&origin=1&redirect_uri=https%3A%2F%2Fplugins.soclminer.com.br%2Fv3%2Fsdk%2Ftracking%2Fhtml%2Fview.min.html%3FappId%3D623820585193456%26id%3D0d2ab486745b45cf991c8d91aa3e3e5f%26gaEnabled%3Dtrue%26pushNativeEnabled%3Dfalse%26smuid%3Dundefined%26v%3D106%26clientId%3D0cac0779-95ad-4b69-a475-24b14fa669b1%26sessionHash%3Dd9c1230c50c5a1920088fb5b1943c767f3c4d574&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=778d486ce8428b3c8cfda6a00124778a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://plugins.soclminer.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Wed, 21 Jun 2023 17:03:52 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: Yi62/r/M1Gq40ot8zjbtjsSz0B3SurZDilMdyaGto8msOH9f3588uxc9JQSJ2vfLcjdNwqRICcfHui1NcaujAQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://plugins.soclminer.com.br
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame E944 230 KB
61 KB 12ms
11ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:52 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1687367032.cds231.fr8.hn,1687367032.cds333.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 0BAE 4 KB
2 KB 12ms
11ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Wed, 21 Jun 2023 17:03:52 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1687367032.cds231.fr8.hn,1687367032.cds288.fr8.c

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 102ms
102ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=43191907&m=&rtv=1&thost=www.correiodopovo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.correiodopovo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Wed, 21 Jun 2023 17:03:53 GMT
server: nginx

POST ad
v.lkqd.net/ Frame E944 0
0

GET

cs
cs.lkqd.net/ Frame 0BAE
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

0
0

GET
H2 200 cs
cs.lkqd.net/ Frame 0BAE 43 B
308 B 96ms
95ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:53 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 0BAE 43 B
308 B 97ms
96ms Image
image/gif 146.20.132.111
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.111 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:03:53 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET

cs
cs.lkqd.net/ Frame 0BAE
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

0
0

GET sync
sync.srv.stackadapt.com/ Frame 0BAE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwviimws6y95H79MmvdVl2lGj4XUvJElVaZLWAbMmadFUMmz7PLRAapoDdMXwSDm8F616cc_M_rcWY6PAqiocF8oyB6rnSWvOtHGGPjk5fd8Msbvaa30RM4Sw2LCldjMWbBU9TvS6VJOzt53hCbWHe6Yqm7hu712WAdFE4FtOeCA2k34Jh7QCTpvwpzH6E7UrkYW218XRhL3PSqye27Ogw_WRzmCznXW0Km4GIl6fsxvEKF9yGicnz_xB_ZTl73xGxaKM5eAPA2lg9qrA4mpHg1Zj-bf4QSycFeyYeTaykDUXmJGaR9YNFNFPSoCD2sS8BqZPpiau6eM7cdwJ8CqE&sai=AMfl-YTdjB4PaJKC4aIEmn_AOCzCCOaEryM84qBEY4MgJOCKjSa9Y-P4UgqMPuwPv6k60dG98gYLf0SRJgMWoGDI3JLBNWWrUQ9xGvG0xiDR7HNWJKdzZCXuH1mRohsU1g&sig=Cg0ArKJSzFhSy7AXdAl7EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto3n9feTRs6TWN4MJvoaFyxW54ieRYSfF2nMqMXfT1qMdWWr1WlVAlJig7OkmGjR2WbZE02eHNAeC5crE9h6K2MqVNuQE-5p9AUQgX1k8af6QGhp3d_RIy0lCPNLUpFAAUHCKxYNsEUl6ThxxXDAS4rEElrF23k4ocBbR4ghCm5cguUg9nZxKBl-ZgQth8X4r7oGFE15107q1tgScJqmuvvqd4PMx6WzBli3x4L7BPmz9tCWa7ooxTUpWpCzsxajp63buU47xHABQGoma4IzWkC2yBkLb2MHY0fzKtC7YnJQyXB1DyJy2UF81sJvrisk4k-xgMyg&sai=AMfl-YRhJwxGI2TeKeMBhf_Wk1zXfb14jM5IQ7cx34XMwlM6Uk6UKofTCj3vgQ0dY_h5ggus1EsBbujsPaEYk98nstwOX6gNBIaBkxkgKDNcGN1HadVt2lujuifpSvwzNQ&sig=Cg0ArKJSzM2tNwFQreK1EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: fksnk.com
URL: https://fksnk.com/cs/google?google_gid=CAESEEypmH750MXmry0Ua56lm-w&google_cver=1&google_push=ATf1kGPL_EZnJGnfVjykjH_ex6jQJ3RBzYW8dmQkMqWkO53N2LQB0vhIZj6j2zgrCLvU50DDenpy31MPcxIKJEJCGwuHMbqLarNM

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECe8rBwOUgut2LkZHnRCdEQ&google_cver=1&google_push=ATf1kGNpgR2yKMInbUBueSFUOLieREZAe441AeiDwH3pDxB723uyljrcctrXtTdCMVd2cj5JsygpHF5vNW8hRtKIm8cz_XWCGdVU

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CA57F6AE-0E19-4326-BAA9-8F1794321670

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3753889245533002917

Domain: loada.exelator.com
URL: https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1180144&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63943%2C1%2C&c4=true&c5=&c6=63943&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=43191907&m=&rtv=1&thost=www.correiodopovo.com.br

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3b0fd566-02a1-4b0f-9db4-95e140e8e0ef

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3792032271343893360

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=161

Verdicts & Comments Add Verdict or Comment

541 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

180 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: U7H5hP6QprQ
www.correiodopovo.com.br/	1970-01-20 13:25:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.correiodopovo.com.br/	1970-01-20 12:52:51	Name: denakop_freq Value: {}
www.clarity.ms/	1970-01-20 21:28:23	Name: CLID Value: 25bf568fc01944ad8cd252c81552375a.20230621.20240620
.denakop.com/	1970-01-20 22:18:47	Name: uxid Value: Wh0AE6VpR8mn%2BKF7C7M6xA%2F0
.webspectator.com/	1970-01-20 22:18:47	Name: ___ws_gid Value: 7C98116C35F24CEA
.correiodopovo.com.br/	1970-01-20 22:18:47	Name: _ga_B73LS4GNNN Value: GS1.1.1687367020.1.0.1687367020.0.0.0
.correiodopovo.com.br/	1970-01-20 14:52:23	Name: _fbp Value: fb.2.1687367020391.1732682851
.navdmp.com/	1970-01-20 21:28:43	Name: ac3 Value: 1
.correiodopovo.com.br/	1970-01-20 12:44:13	Name: _gid Value: GA1.3.2032037943.1687367021
.correiodopovo.com.br/	1970-01-20 12:42:47	Name: _gat_UA-4083550-1 Value: 1
.correiodopovo.com.br/	1970-01-20 12:42:48	Name: ___ws_ses Value: 7C98116C35F24CEA.1
.correiodopovo.com.br/	1969-12-31 23:59:59	Name: ___ws-sr Value:
.correiodopovo.com.br/	1970-01-20 17:01:59	Name: ___ws_vis Value: 7C98116C35F24CEA.1687367020286
.correiodopovo.com.br/	1970-01-20 12:42:48	Name: ___ws_ses_sec Value: 4863:1687367020286
.correiodopovo.com.br/	1970-01-20 17:01:59	Name: ___ws_vis_sec Value: 4863:1687367020286
.correiodopovo.com.br/	1970-01-20 21:28:23	Name: _clck Value: 1sv01d9\|2\|fcn\|0\|1267
.quantserve.com/	1970-01-20 22:13:01	Name: mc Value: 64932d6c-9e20c-711a5-e0f9e
.doubleclick.net/	1970-01-20 22:04:23	Name: IDE Value: AHWqTUmvs6MPe69L-gsnBhAuRlZ0z5TLM4gBRiNmxXBgeGykBnyut0X4n-zzCilwwXQ
.correiodopovo.com.br/	1970-01-20 22:07:15	Name: __qca Value: P0-108555751-1687367020201
.bidswitch.net/	1970-01-20 21:28:23	Name: tuuid Value: 1b2e4395-99bc-4397-9f27-8596723f56e1
.bidswitch.net/	1970-01-20 21:28:23	Name: c Value: 1687367020
.bidswitch.net/	1970-01-20 21:28:23	Name: tuuid_lu Value: 1687367020
.rubiconproject.com/	1970-01-20 21:28:23	Name: khaos Value: LJ5YRA1M-1E-3PVT
.rubiconproject.com/	1970-01-20 21:28:23	Name: audit Value: 1\|naVuGyos1qp/fohIVn/tcbJGe4Ni1ThWK2euPP2lVg2+SmvwaNDOnh+14k80l7X3qg4RliDe2NgYWI3YhBbmR4bnf9SkrL/ySBx2P3in8zMKVG+w2+zOsBuybVyVU0yt
.adnxs.com/	1970-01-20 14:52:23	Name: uuid2 Value: 5589260742170955798
.casalemedia.com/	1970-01-20 21:28:23	Name: CMID Value: ZJMtbayDHAyZOxDyXo45vQAA
.casalemedia.com/	1970-01-20 14:52:23	Name: CMPS Value: 3234
.casalemedia.com/	1970-01-20 14:52:23	Name: CMPRO Value: 3234
.correiodopovo.com.br/	1970-01-20 22:18:47	Name: _ga_VH600BGGZW Value: GS1.1.1687367021.1.0.1687367021.0.0.0
.correiodopovo.com.br/	1970-01-20 22:18:47	Name: _ga Value: GA1.1.246229871.1687367020
.correiodopovo.com.br/	1970-01-20 12:44:13	Name: _clsk Value: 13irhbi\|1687367021412\|1\|1\|t.clarity.ms/collect
.navdmp.com/	1970-01-20 22:18:47	Name: nid Value: 12e378d8effa9fd06feadf78c210\|1\|201
pool.admedo.com/	1970-01-20 21:28:23	Name: tuuid Value: 4fbe391c-3659-4cd5-8f79-ce22ae5e9f59
pool.admedo.com/	1970-01-20 21:28:23	Name: c Value: 1687367021
pool.admedo.com/	1970-01-20 21:28:23	Name: tuuid_lu Value: 1687367021
www.correiodopovo.com.br/	1970-01-20 21:28:23	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dea73d8da-8a26-4720-994f-785266cac580-tuctb8cb2ec
.www.correiodopovo.com.br/	1970-01-20 22:18:47	Name: G_ENABLED_IDPS Value: google
.adnxs.com/	1970-01-20 14:52:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><qhgTX!]tbPl1M>e)ZlrFUfJ+tGXxoHaq5'MV'zYUaUHDsG0%[Gd^/aaUx*F=tgs3If)y3KL9D3I?+J(Nncs
.turn.com/	1970-01-20 17:01:59	Name: uid Value: 3792032271343893360
.correiodopovo.com.br/	1970-01-20 22:04:23	Name: __gads Value: ID=24374c29096ff7d2:T=1687367020:RT=1687367020:S=ALNI_MZatcUSJN77lwWveC52MzCRo6eHAA
.correiodopovo.com.br/	1970-01-20 22:04:23	Name: __gpi Value: UID=00000c326f282931:T=1687367020:RT=1687367020:S=ALNI_MZDvftnhDeWWJVkCY6Fap_3iNVKIw
.csync.loopme.me/	1970-01-20 14:55:15	Name: viewer_token Value: 3b0fd566-02a1-4b0f-9db4-95e140e8e0ef
www.correiodopovo.com.br/	1970-01-20 12:42:47	Name: ws-refr Value: https://www.correiodopovo.com.br/
.correiodopovo.com.br/	1970-01-20 21:28:23	Name: nvg23925 Value: 12e378d8ef40a25121df9a1ca310\|0_173
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: tt_c_vmt Value: 1687367022
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: tt_c_c Value: direct
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: tt_c_s Value: direct
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: tt_c_m Value: direct
.correiodopovo.com.br/	1970-01-20 14:52:23	Name: _gcl_au Value: 1.1.1286260787.1687367022
sync.srv.stackadapt.com/	1970-01-20 21:28:23	Name: sa-user-id Value: s%3A0-4d6d6910-35fd-5ec3-5c63-c5288e22c474.NjTu35Zzva7p1OQvKZYgsG495qwyZs2%2B1R26EQ%2B8s5E
sync.srv.stackadapt.com/	1970-01-20 21:28:23	Name: sa-user-id-v2 Value: s%3ATW1pEDX9XsNcY8UojiLEdCU6Ovg.hiSEXGNZI1zZSbFeaNyVXrNS61eVJfdNBguACuu8ASc
.srv.stackadapt.com/	1970-01-20 21:28:23	Name: sa-user-id-v2 Value: s%3ATW1pEDX9XsNcY8UojiLEdCU6Ovg.hiSEXGNZI1zZSbFeaNyVXrNS61eVJfdNBguACuu8ASc
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 13:25:59	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGkyNDpxP6QXvFUp7zqH1jf7k83txLrfA8VU00j2wt+Sng==
.t.tailtarget.com/	1970-01-20 21:28:23	Name: u Value: fwAAAWSTLW6XMQZbA+RBAgB=
.t.tailtarget.com/	1970-01-20 12:45:39	Name: _ssc Value: y
.spotxchange.com/	1970-01-20 13:23:06	Name: audience Value: 933f5381-1055-11ee-9d25-192cb16e0206
.vidoomy.com/	1970-01-20 21:28:23	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjFiMmU0Mzk1LTk5YmMtNDM5Ny05ZjI3LTg1OTY3MjNmNTZlMSIsImV4cGlyZXMiOjE2ODk5NTkwMjJ9fX0=
.redintelligence.net/	1970-01-20 14:52:23	Name: 8lcfmzhxc8d6_uid Value: cf95398d773c70e1
.yahoo.com/	1970-01-20 21:28:44	Name: A3 Value: d=AQABBG4tk2QCEB1nFIM5uHQ_uPI3NjgILuAFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAshBybhkxzunH9-D0AVsUx0
.retargetly.com/	1970-01-20 17:01:59	Name: _rlid Value: a3d22294-814c-48bd-a8b0-b47a487952db
www.correiodopovo.com.br/	1970-01-20 22:18:47	Name: _ttuu.s Value: 1687367022934
tagm.tchibo.de/	1970-01-20 14:52:23	Name: tchibo_et_gk Value: 18bf2546ac6e429e931cb94c8f12140c%7c20.08.2023+17%3a03%3a42
tagm.tchibo.de/	1970-01-20 17:01:59	Name: tchibo_et_uk Value: 9ff3e834e5c2449e87193154231ace20%7c
tagm.tchibo.de/	1969-12-31 23:59:59	Name: session_session Value: e0d8979fd66a47ee9997409a
.mgid.com/	1970-01-20 12:42:48	Name: __cf_bm Value: JO.EJaI387gMfwAgm9Rr9IRzsIJaH5vJKS5fo23tEMQ-1687367023-0-ATCEwkCHWb5NAFsI7oqfxbUG/kVd12cmg7EBGVeyCYl23ylPXaIvNsgHBUhJ0igrlNrdYwcyuk9TjRfgQ0chrf8=
.tapad.com/	1970-01-20 14:09:11	Name: TapAd_TS Value: 1687367023373
.tapad.com/	1970-01-20 14:09:11	Name: TapAd_DID Value: 3474c945-f3e9-4adb-b07a-5da5a1a3bd62
.smartadserver.com/	1970-01-20 21:29:49	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:29:49	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
www.correiodopovo.com.br/	1970-01-20 21:28:23	Name: tt.u Value: 0100007F6E2D93645B0631970241E403
.tapad.com/	1970-01-20 14:09:11	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 21:28:23	Name: KADUSERCOOKIE Value: CA57F6AE-0E19-4326-BAA9-8F1794321670
.smartadserver.com/	1970-01-20 21:29:49	Name: pid Value: 7047329588402905016
.t.tailtarget.com/	1970-01-20 13:25:59	Name: ttbprf Value: ___de_1687367023626_624573176
.t.tailtarget.com/	1970-01-20 12:42:48	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 13:25:59	Name: ttnprf Value:
.retailads.net/	1970-01-20 13:25:59	Name: ppb2172 Value: 2806776007
.retargetly.com/	1970-01-20 17:01:59	Name: _rlmp1 Value: 2\|5589260742170955798\|1687367023&&9\|\|1687367023&&10\|\|1687367023&&11\|CAESEKtDhWqFufPC6edVg8cxl18\|1687367023&&13\|\|1687367023&&14\|CA57F6AE-0E19-4326-BAA9-8F1794321670\|1687367023&&23\|\|1687367023&&24\|\|1687367023&&27\|\|1687367023&&51\|\|1687367023&&63\|\|1687367023&&70\|\|1687367023&&72\|\|1687367023
www.correiodopovo.com.br/	1969-12-31 23:59:59	Name: ortcsession-w5tlOg-s Value: 62aaacfb09a4175c
.mathtag.com/	1970-01-20 22:08:42	Name: uuid Value: 09026493-2d6f-4400-b61a-ffcc647aa73b
www.correiodopovo.com.br/	1970-01-20 12:44:13	Name: tt.nprf Value:
.office-partner.de/	1970-01-20 22:18:47	Name: source Value: {"webgains_webgains":{"timestamp":1687367024186,"clickCookie":false}}
.travelaudience.com/	1970-01-20 22:13:01	Name: _tracker Value: %7B%22UUID%22%3A%22DB529993-E097-42CE-86C4-E305F7FA0A1E%22%7D
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: ortcsession-w5tlOg Value: 62aaacfb09a4175c
.adnxs.com/	1970-01-20 14:52:23	Name: icu Value: ChkIwZSIARAKGAQgBCgEMPDazKQGOARABEgEEPDazKQGGAM.
.ctnsnet.com/	1970-01-20 21:28:23	Name: gid_CAESEBqpr6qa9dHC7gml1TENCWw Value: 1
match.sharethrough.com/	1970-01-20 12:52:51	Name: AWSALBCORS Value: RxKqxPycXfyEIQPKdBL9zEHk3gu6KgBc5FEFpRtJtHVDT3dPHJveY0JXFH/5nzdor9KoHdRa1t9cq6kxh6Q5b2bTJv2r5y1PqjI8aY00OU/U395Ls/N2HTjiAh2z
.adfarm1.adition.com/	1970-01-20 14:52:23	Name: UserID1 Value: 7247186184439789714
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 12:42:50	Name: ttca Value: CA15795,CA15771,CA17813_1687367024
.de17a.com/	1970-01-20 21:21:11	Name: guid Value: 1.6984261806563861649
.360yield.com/	1970-01-20 14:52:23	Name: tuuid Value: 6457a6ae-8705-47b9-b7a8-9b7f8e82024c
.360yield.com/	1970-01-20 14:52:23	Name: tuuid_lu Value: 1687367024
.awin1.com/	1970-01-20 12:52:51	Name: awpv11842 Value: 296283\|1687367024\|94644d50-1055-11ee-87f6-2265f034cf4c
.awin1.com/	1970-01-20 12:45:39	Name: awpv22610 Value: 296283\|1687367024\|946c3c90-1055-11ee-87f6-2265f034cf4c
.futalis.de/	1970-01-20 14:09:11	Name: raSIDb Value: 2806776007
.awin1.com/	1970-01-20 12:52:51	Name: awpv14098 Value: 296283\|1687367024\|947a4651-1055-11ee-b199-223078f3fa88
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595
ads.travelaudience.com/	1970-01-20 22:13:01	Name: _tracker Value: %7B%22UUID%22%3A%22DB529993-E097-42CE-86C4-E305F7FA0A1E%22%7D
.simpli.fi/	1970-01-20 21:29:49	Name: suid Value: D591207245924888BE3C3131620A3141
.3lift.com/	1970-01-20 14:52:23	Name: tluid Value: 3702040163326231866554
.w55c.net/	1970-01-20 22:13:01	Name: wfivefivec Value: XXUascXN1Qc1fa5
.mathtag.com/	1970-01-20 13:25:59	Name: mt_mop Value: 4:1687367025
.socdm.com/	1970-01-20 22:18:47	Name: SOC Value: ZJMtcMCo5swAAHeO9G8AAAAA
.id5-sync.com/	1970-01-20 12:42:47	Name: cf Value:
.id5-sync.com/	1970-01-20 12:42:47	Name: cip Value:
.id5-sync.com/	1970-01-20 12:42:47	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:42:47	Name: car Value:
.id5-sync.com/	1970-01-20 12:42:47	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:42:47	Name: callback Value:
.everesttech.net/	1970-01-20 21:28:23	Name: everest_g_v2 Value: g_surferid~ZJMtcAABgFQFdQAz
.t.tailtarget.com/	1970-01-20 13:25:59	Name: n Value: 1687367025
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3sjA2MTY0MzMysBDiM9Q1SPNw9A5zNwlILk0DAPgXMhglAAAA
.rfihub.com/	1970-01-20 22:04:23	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3sjA2MTY0MzMysBDiM9Q1SPNw9A5zNwlILk0DAPgXMhglAAAA
.t.tailtarget.com/	1970-01-20 13:25:59	Name: tp1 Value: CAESEDPyC1olhkAlZvXAepsPGqI
.t.tailtarget.com/	1970-01-20 13:25:59	Name: dc Value: 1
.c.appier.net/	1970-01-20 13:25:59	Name: _gu Value: CAESEHekmP274nZhZSwWtKH1n9Q
.c.appier.net/	1970-01-20 21:28:23	Name: _auid Value: 80axFUKgA3e4Y5HEcS2TZA
.w55c.net/	1970-01-20 13:25:59	Name: matchgoogle Value: 5
.targeting.unrulymedia.com/	1970-01-20 21:28:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003%22%7D
.pubmatic.com/	1970-01-20 14:52:23	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 14:52:23	Name: pp Value: 156498
.pubmatic.com/	1970-01-20 12:44:13	Name: PMDTSHR Value: cat:
.rfihub.com/	1970-01-20 22:04:23	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFubGZuYGRqZmK5igWJb2hkDAAQxdvlIAAAAA
.weborama.fr/	1970-01-20 22:08:42	Name: AFFICHE_W Value: bwo6y80CWvNv61
.adform.net/	1970-01-20 13:25:59	Name: C Value: 1
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_18 Value: 22947-5108559728343166208
.pubmatic.com/	1970-01-20 13:25:59	Name: KRTBCOOKIE_336 Value: 5844-6984261806563861649
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_80 Value: 22987-CAESEKNwclUw68ELuBn7hfKwJeE&KRTB&16514-CAESEKNwclUw68ELuBn7hfKwJeE&KRTB&23025-CAESEKNwclUw68ELuBn7hfKwJeE&KRTB&23386-CAESEKNwclUw68ELuBn7hfKwJeE
.adform.net/	1970-01-20 14:09:11	Name: uid Value: 3753889245533002917
.linkedin.com/	1970-01-20 21:28:23	Name: bcookie Value: "v=2&e06e1ba1-b848-444f-871a-0a8b44b6ff75"
.linkedin.com/	1970-01-20 17:01:59	Name: li_gc Value: MTswOzE2ODczNjcwMjU7MjswMjESKsAmMk66+iT5YpiqQscIRA9fHakLiGPkC8ZQ/fT2OA==
.linkedin.com/	1970-01-20 12:44:13	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2695:u=1:x=1:i=1687367025:t=1687453425:v=2:sig=AQF6hQUYHqhniAjode-W6oXwhqJZ05Ff"
.amazon-adsystem.com/	1970-01-20 22:18:47	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 17:22:08	Name: ad-id Value: A4JtAQ8VI0pRqk3DwnQ7Bfc
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85198\|ZJMtd
www.correiodopovo.com.br/	1970-01-20 14:52:23	Name: dinTrafficSource Value: eyJ1cmwiOiJodHRwczovL3d3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici8iLCJyZWZlcmVyIjoiIn0=
www.correiodopovo.com.br/	1970-01-20 12:42:48	Name: ___ws_d_st Value: {}
.bing.com/	1970-01-20 22:04:23	Name: MUID Value: 1980ED05CA2A69DC0C71FE32CB2A68CA
.c.bing.com/	1970-01-20 12:52:51	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:04:23	Name: SRM_B Value: 1980ED05CA2A69DC0C71FE32CB2A68CA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:04:23	Name: MUID Value: 1980ED05CA2A69DC0C71FE32CB2A68CA
.c.clarity.ms/	1970-01-20 12:52:51	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:42:47	Name: ANONCHK Value: 0
.pubmatic.com/	1970-01-20 14:52:23	Name: DPSync3 Value: 1688515200%3A226_219_197_201_245_241_235_227
.quantserve.com/	1970-01-20 14:52:23	Name: d Value: ENUBDgGkKYEO-TA
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_153 Value: 1923-3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa&KRTB&19420-3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa&KRTB&22979-3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa&KRTB&23462-3W1ZENk9VkDGYAUR2zpNFNpoARbGPFBF0jyffEEa
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_57 Value: 22776-5589260742170955798&KRTB&23339-5589260742170955798
.pubmatic.com/	1970-01-20 13:25:59	Name: KRTBCOOKIE_1101 Value: 23040-7247186184439789714&KRTB&23369-7247186184439789714
.zeotap.com/	1970-01-20 21:28:23	Name: zc Value: 43caeaa1-858f-44e8-7475-af105ff5b9b4
.pubmatic.com/	1970-01-20 13:25:59	Name: KRTBCOOKIE_22 Value: 14911-3792032271343893360&KRTB&23150-3792032271343893360
.rqtrk.eu/	1970-01-20 12:52:51	Name: browser_id Value: 1:b8c8b0ac-760a-4801-92d0-070feba4094d
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_466 Value: 16530-1b2e4395-99bc-4397-9f27-8596723f56e1
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_860 Value: 16335-TW1pEDX9XsNcY8UojiLEdCU6Ovg&KRTB&23334-TW1pEDX9XsNcY8UojiLEdCU6Ovg&KRTB&23417-TW1pEDX9XsNcY8UojiLEdCU6Ovg&KRTB&23426-TW1pEDX9XsNcY8UojiLEdCU6Ovg
.semasio.net/	1970-01-20 21:28:23	Name: SEUNCY Value: A1327313FA955776
.bidr.io/	1970-01-20 22:11:20	Name: bito Value: AAA-TU7JJlsAAB_GEcVJ2w
.bidr.io/	1970-01-20 22:11:20	Name: bitoIsSecure Value: ok
.onaudience.com/	1970-01-20 21:28:23	Name: cookie Value: bdde43eb43588a9d
.onaudience.com/	1970-01-20 12:44:13	Name: done_redirects104 Value: 1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: ea7cef3b2f992068
.smartadserver.com/	1970-01-20 21:29:49	Name: csync Value: 127:AAA-TU7JJlsAAB_GEcVJ2w
.onaudience.com/	1970-01-20 12:44:13	Name: done_redirects161 Value: 1
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_699 Value: 22727-AAA-TU7JJlsAAB_GEcVJ2w
.ctnsnet.com/	1970-01-20 21:28:23	Name: cid Value: 3131b43024724ca1ada970d64a43219c
.adsby.bidtheatre.com/	1970-01-20 12:52:51	Name: __kuid Value: c7450c6b-5486-4e5c-b766-34bf5986541f.456581030
.tribalfusion.com/	1970-01-20 14:52:23	Name: ANON_ID Value: apnvBNRkP6i6eCno78E9NWZdWfZb2mtK71DjFaec5p8ZawnZbvUTsiWYx94bUAV8bSpdnpZbiKZcn5FcvASjo5BePV1ScBy5He82qDjIApFeXDp3NS6fwmVwLG
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_1305 Value: 23408-CA57F6AE-0E19-4326-BAA9-8F1794321670&KRTB&23413-CA57F6AE-0E19-4326-BAA9-8F1794321670&KRTB&23479-CA57F6AE-0E19-4326-BAA9-8F1794321670
.correiodopovo.com.br/	1970-01-20 12:42:47	Name: smeventssent_0d2ab486745b45cf991c8d91aa3e3e5f Value: true
.correiodopovo.com.br/	1970-01-20 14:09:11	Name: smeventsclear_0d2ab486745b45cf991c8d91aa3e3e5f Value: true
.ads.pubmatic.com/	1970-01-20 12:44:13	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 14:52:23	Name: chkChromeAb67Sec Value: 4
.pubmatic.com/	1970-01-20 12:44:13	Name: pi Value: 156498:3
.pubmatic.com/	1970-01-20 14:52:23	Name: SyncRTB3 Value: 1688601600%3A35%7C1688515200%3A22_81_220_7_254_46_13_233_56_55_71_234_238_8_176_204_3_251_166_21_99_165_161_214_88_249_54_243%7C1687910400%3A15_2_223%7C1692489600%3A69%7C1688169600%3A63%7C1689897600%3A203
ads.playground.xyz/	1970-01-20 12:52:10	Name: connect.sid Value: s%3ARldfjqmrBkW_Tu3DhoTvoiMwTSWUD1h_.59Jpb1UHLvr%2F02KM6p2luGa7Mg4drXm71Q2BnvL0H1M
.1rx.io/	1970-01-20 21:28:23	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 14:52:23	Name: KRTBCOOKIE_594 Value: 17105-RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003&KRTB&17107-RX-ec8a09f1-09fe-47dc-8deb-60a9efac3cb2-003
.onaudience.com/	1970-01-20 12:44:13	Name: done_redirects200 Value: 1
.pubmatic.com/	1970-01-20 13:25:59	Name: KRTBCOOKIE_409 Value: 22966-woK5xk2lhQQnWYnhWYVSSgRQ
.pubmatic.com/	1970-01-20 13:25:59	Name: PugT Value: 1687367029

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.teads.tv/analytics/tag.js Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
other	warning	URL: https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js(Line 1135) Message: Unrecognized feature: 'web-share'.
security	error	URL: https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js(Line 1143) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.correiodopovo.com.br').
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.v28TTIwVaSQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_RlEL4hWI2yLzSWbPbhr8owPMeLw/cb=gapi.loaded_0?le=scs(Line 416) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://barra.r7.com/tailtarget/profiles.js Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network	error	URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=a3d22294-814c-48bd-a8b0-b47a487952db Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECe8rBwOUgut2LkZHnRCdEQ&google_cver=1&google_push=ATf1kGNpgR2yKMInbUBueSFUOLieREZAe441AeiDwH3pDxB723uyljrcctrXtTdCMVd2cj5JsygpHF5vNW8hRtKIm8cz_XWCGdVU Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CA57F6AE-0E19-4326-BAA9-8F1794321670&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0360c2d10175f4fb6b62cdeed6ab33ed.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.audrte.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ad.lkqd.net
ad.mrtnsvr.com
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.webgains.io
api.retargetly.com
api.soclminer.com.br
api.webgains.io
apis.google.com
app.retargetly.com
assets.r7.com
b.t.tailtarget.com
barra.r7.com
bcp.crwdcntrl.net
bh.contextweb.com
c.bing.com
c.clarity.ms
c1.adform.net
c2.taboola.com
cc.adingo.jp
cdn.ampproject.org
cdn.jsdelivr.net
cdn.navdmp.com
cdn.retailads.net
cdn.stickyadstv.com
cdn.taboola.com
cdn.track.production.webgains.team
cdn.webspectator.com
cds.taboola.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cm.t.tailtarget.com
cms-media-api.r7.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
correiodopovo.com.br
correiodopovo.soclminer.com.br
cpm.denakop.com
cs.chocolateplatform.com
cs.lkqd.net
csync.loopme.me
d.tailtarget.com
d5p.de17a.com
dclk-match.dotomi.com
digital2.correiodopovo.com.br
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
go.trvdp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900013.redintelligence.net
hal900014.redintelligence.net
hal90003.redintelligence.net
hal90006.redintelligence.net
i.ytimg.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
loada.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
medialead.de
msgws.webspectator.com
mwzeom.zeotap.com
nr-events.taboola.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
paywall.correiodopovo.com.br
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
plugins.soclminer.com.br
pm-widget.taboola.com
pm.w55c.net
pool.admedo.com
portal.correiodopovo.com.br
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
r.turn.com
receiver.posclick.dinamize.com
region1.google-analytics.com
retargetly-match.dotomi.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssl.gstatic.com
ssum-sec.casalemedia.com
st.pubmatic.com
static.doubleclick.net
static.socialminer.com
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync2.navdmp.com
syndication.twitter.com
t.clarity.ms
t.lkqd.net
t.tailtarget.com
tag.navdmp.com
tagm.tchibo.de
tagmanager.alright.network
tags.bluekai.com
tags.cmp.tail.digital
tags.denakop.com
tags.t.tailtarget.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
tt-9964-3.seg.t.tailtarget.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
v.lkqd.net
vid-io-cle.springserve.com
vid-io-dub.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
vidanalytics.taboola.com
vidoomy-d.openx.net
vidstat.taboola.com
vidstatb.taboola.com
vpaid.pubmatic.com
vpaid.springserve.com
webservices.webspectator.com
wf.taboola.com
wfpscripts.webspectator.com
ws.rqtrk.eu
www.awin1.com
www.clarity.ms
www.correiodopovo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.more-and-more.de
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
a.audrte.com
ads.stickyadstv.com
cm-supply-web.gammaplatform.com
cs.chocolateplatform.com
cs.lkqd.net
fksnk.com
image6.pubmatic.com
loada.exelator.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sync.srv.stackadapt.com
t.lkqd.net
v.lkqd.net
104.102.35.84
104.102.45.165
104.244.42.136
116.202.48.214
13.249.9.34
13.32.99.47
138.201.63.117
138.201.63.164
139.162.58.205
141.226.224.32
141.226.228.48
141.95.171.142
141.95.32.72
141.95.98.64
142.250.181.226
142.250.186.134
142.250.186.34
145.239.193.130
146.20.132.111
146.20.132.167
146.59.148.16
151.101.1.44
151.101.129.44
151.101.130.49
151.139.128.10
162.55.120.196
167.233.14.134
172.217.18.2
172.217.18.6
174.137.133.49
176.9.26.250
178.250.7.11
179.191.182.65
18.138.182.210
18.155.129.96
18.155.129.99
18.164.52.38
18.194.142.62
18.66.147.120
185.29.132.245
185.64.190.78
185.64.190.89
185.64.191.210
185.80.39.216
185.86.138.150
185.86.138.153
185.86.138.154
185.89.210.153
185.89.211.84
185.94.180.125
188.166.17.21
189.16.116.12
193.0.160.131
194.97.158.1
195.5.165.20
198.47.127.205
198.47.127.206
2.16.202.74
2.23.197.190
20.114.189.70
20.127.253.7
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
202.241.208.100
208.93.169.131
212.36.83.208
212.82.100.182
213.155.156.166
213.202.235.10
23.201.255.110
23.32.184.180
23.32.184.192
2600:9000:206f:e800:15:6f6c:b180:93a1
2600:9000:219c:2600:6:44e3:f8c0:93a1
2600:9000:223d:c400:19:c363:bec0:93a1
2600:9000:2450:7000:1b:5138:8a40:93a1
2602:803:c003:200::41
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700:10::ac43:8f4
2606:4700:1::6813:884e
2606:4700:20::ac43:4663
2606:4700:20::ac43:494b
2606:4700::6810:ef3
2606:4700::6812:160e
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2016
2a00:1450:4001:813::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200d
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9b
2a01:4f8:d0a:2321::2
2a02:2638:3::c
2a02:fa8:8806:12::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a03:2880:f276:e8:face:b00c:0:4420
2a03:2880:f277:c0:face:b00c:0:43fe
2a04:4e42:400::485
2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
2a0b:4d07:102::1
3.11.176.98
3.127.111.154
3.19.54.139
3.23.208.81
3.232.160.141
3.64.137.20
3.75.62.37
34.102.163.6
34.102.185.99
34.102.253.54
34.111.113.62
34.207.18.4
34.234.140.75
34.255.231.185
34.98.64.218
35.157.246.107
35.160.227.216
35.186.193.173
35.190.0.66
35.201.123.184
35.204.74.118
35.210.53.219
35.214.210.61
35.227.252.103
37.157.2.229
46.228.174.117
46.4.10.49
52.1.252.251
52.208.166.9
52.223.40.198
52.46.130.91
52.49.243.219
52.56.247.104
54.155.101.92
54.172.233.79
54.205.191.114
54.234.180.12
54.238.123.169
54.77.72.186
54.82.20.194
64.95.96.108
67.220.224.150
68.219.88.97
69.166.1.12
69.173.144.139
69.173.144.165
69.20.43.192
76.223.111.18
77.243.51.121
77.245.57.72
81.17.55.99
85.114.159.118
94.130.102.164
94.23.99.218
95.101.148.198
95.101.148.43
95.101.149.35
98.98.134.243
0065950453465563135f516963450dc674f95597c41ad178f646f29c9891be3a
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22
01d79204ede2b768d9062f837127163fe01977114de227204dac8302520f0468
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04811388d3106d5a673727b66bfdd4e7648a17812338d6459455428b52dddc41
0650e20caafed8b318134c45e1fcb2b371616ab25ae80a05ce34bd7ad04ff0e8
068fb60fde199afd07fc016453b0de032f78b1d1973b3d42134110f73ce93a95
06a6c106280b18c23ff27d0434f1e5f80e0b78f075b79465531bc55c9c5cd9ce
074c03b0f1ab13908eed1baa9536573da30af6312ed93fe750de24997941bcff
074fe02ec73f484a3074bbbbd6f1b9070e6c417a6581ae0c78dad7d53c3f3b68
07a3391f6cdf18fd1fd8b39994ef4ed0d2583f56a6210624d1cf48a4ef606ba6
07c2b71790257b4f964b42e65ceacb4365d2cc26a22c191194c0dbaf89ff1a42
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0a21a9a53d492505d1cbb9b4fe37ab63e0ba4ee852080e408fad10c4d49dda2d
0abf450a9add4756c42b6da8084f963afd5fe4cb4f2c6f34743ca5be7bb2e3f8
0ad05b126fe41d7078c3eeb15d27d6fb59ede2b60d852691a38a87852337fe00
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba4ebac0dda05b59ab9683ab66a686c1cef3e7d0bcd48f537aa04d268b72481
0c25b59c4c4973bdae51c5c45f4eacd8405791890b322db5d7b23cc382136607
0c4134c8bb7daf3ab651ddc864b206c7d2f8e21a1c88d988d30d27f1f6049746
0c52722acd658876392066c9606b7b8e9c380cfd452862448dee17960ae80b9f
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0
0d89ab019fdc4db07a89ba39546aa0ef86110eb0478c636a033e8ac5e5fb6acb
0e5547d6050a97862284186a7f60dc1be4d24e7b219a63058aee2c0c9af5d296
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
1015b9c836089217f1a78686809d9445372477223e6c1703d143b71cbaaa10f3
1153729ef4c4198a17c7dd7920e28939e62559e7806c94b7510627ed0cf3e5ab
117919c761552beb697019c2e07f2c37ce1d0161a34ad486b830a41e307e5f33
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
11f6ef1e014c639d0d65d7c29018ec8b8ff116298a59bf3b7c1806ac7e72955b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
135841655f013ed61767c437a8438d9f7fef29b2e02e0eff79bc4654cb7f64b8
136a576886a9ae3b5d55278a3e69a1fcc0a2189dfbf77ec41787742f260e5526
14253c696f701bab73c8a9515a303bfca761284ee7c89ba828bd6a3d697ab74d
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14a97d31c9782a3d435aade574180ddd34b27db4236c3357d6cedd753735b9b2
15905f8a3b00fd6262e5f4ab1fa3d88cbf9fd68e95c834734da87f01abb9143f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16aab44d4aadf8ef1a74f17f0ef1430447f88dc76223f42a73630f517bd3aed1
17feceb42ef4b48f790946784ac7643a607ee672fb3aee094550142510d7645b
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19ccc434efeea81dc7a8ec981c036cad9c15cf6844d66acf0ad59daa40b3ec91
1a0e5800bdc4bd7864e3657fa2f1b6637e8174914a53cea8e758b0dee0d05016
1ab7505ca4f1ddaa78434af8d18b9f0271adee7b6082593ac0e04196219925f2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0678babb056e8db180aac278ce7d4af6ea8a4616421b0c71e92b6e87266986
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd
1b2aa5f23507f3a82266786b7eff810083d957cd9cb6293aadd6b4647237ecec
1cad39e7afafb16a80eeeebc15504c2cb21fd48f34d58319059be1cc748aceac
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1d9dd9255702a65fb1e002db15a9a4013bb940430a2b0c1133fe74087aa869f2
1da9518693fb277beca91eebf740b361a8bca168eb810742a2aa787b87b84e96
1edf4847ee858d0ab9cc84c0a3c4cc811bc738878a80c22f2b9032416a550dc4
1eed756af030ebd723f79b9b3e1635942a0c4453c3df08f0dee7cf2019c35f64
1f864616ae1b904251fc93ace9454e4578ec903d94b3c7cdc3d303a8273d84f8
22b074cdcfd5da73f9a8a3167965afae52b45d502fd0b89780560b079152de4d
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23ad2826d08e47ac97b52fd6668c204603bbb78ff4da83fd0173d4ef08ee8524
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
25652460cd649583f820f9e09bf68e81ef4fd5a696f1639cfb62351629dae4a4
25a08246c06faeac92564a058d4b96baed8d09cbf540867475a24e21edbb0090
25c67ca4bf3665e14bcab7025dece229da5cbfaec9dd8fde9f1db8ccdf56b329
25e20ef523f209df8a3ebe6047b2ee96804e30ee14b269846463020e18569b37
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2
27cb6c85ecd21d9e45716579598ccae9012eb329c1560af6521eecede1286da4
27f9c09cc57b50d18cbdcad3a8ab7b507a8799f264bedb3c3865f7327309a310
281ff524d25faadc640852c299a49d97a38a84d14e8caaa3be48018f09d20d43
28d460a92f80d93d9c90649d901c93f8501e6ded8d74987c1bea0d72917ed9a1
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29943d672e2751b1ae9026caa3a7376157b88340b62cd40bc2c62d39c52ad635
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13
2aabf798514f82b3cea662c76192b068af43f7d501b2d7a336495d9f809c949c
2ab1f394407ac6deb063dd103504124c15be65a02db67375a514f614be2111ab
2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5
2b77aabe4e52b426d63d1cbefe605dc77adc5700d75e7e5362071fd0683df889
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151
2baff115945cf8cfd43baf60a4f4008c917fc5ab6113a2111d02faada372775d
2d499f8833c3ce273cb3c3b7403493b47c7b5b1e765c3a41487fca788bd0ce64
2d831179e0be4bd6ada01e86ef55713e6ed07b99537328c0b8936233004f1762
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
307f7b425be5f92185ae9899e004c3dd5181ebb15bdfc95dfd2d43f9876beb53
30c63a3eb07f8c29ab598f3d33bc7ba6f9bce3acdb6d7ed5ccba8ad70b23a303
30dd4d046ee0a560951014c2c3f71fb0b620af27279bd7c5ff8b4ac877214291
30f498910b63c17e41050ebdf6eab9e194629059253a95dcb4bdd57a24c73d3b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c86114d8c9683bade57e627634f040284e99a601deb292b961108e5d831415
321dff29d00ae0d8f64edc6c8c6278f898de2985a66d7f7ebbc3e5899a8aa4bf
327f0669540533394b070367fed757e00b3ef7ed5a30a673904861dd219134f2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32babb5aa74c35a0d3feff97cc25627ab536ef44d3b99d317aea296b31219a78
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3416dbdb9c0ca2a9d8bce8f2efd97617262481e95bf18fc2b069b5eef79792f2
3506f53e87793153fed1feeea3b99c5aac1fcc390a005fa9e0fd7b046acb6d46
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35d06a227e735a15331748fe618bd1fb4726cd522b91ef7fd3e3673d2c5b56d6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3775b2253694eeaf0214b74d44e271c33bb635a547c1e2c95a48285bac8ed152
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37acf5f6aa181790c9f46f7a25b5c89ecc46c35603b9b62c3086228faf72b26d
3840c3650b0dc3f298d53ec0cad75b3e8c58fc41272a38b03ca7effb6c61484c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3887f5e40b9d2a67b3af5a179b406684e53554ef953b4a288214e18ccc17415d
389957fc7a6964eecce57b9744f86c39f176ddb960622a6b436636c7833bd5a7
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39f06d08040ae7e623e2cf7503909a9cf17029ef47661c6f50dc59e094698d8b
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b
3c5ba6fdd40939b546a38f51e99f0ecbe52e17d7a42145d785bb4269944106b1
3c992d28464a38c69399b4a91f87dfa5f90f5dac2f22b06a7d23eb81de79438c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7a16ff1ffd8d8507acd6f1ac3f27609a4e979b0a8e37474d3e0ba43e20fe3c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eafc97a15eed2cf2d735bcc80d4e4ece7aad832779dcfab557a807d4a81e894
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f05b22972922c3ccd4dc1d4e637a837bf29f40ec9d428c727f6ca2b28e5c18e
3f3f19a91993489b6d73ffcd539452bc07a9f58bb6d7494c3669364350ca8406
3f9374f2b19469d298314096fde1b84c5a8defbabbe44f5a84ca948d30f874df
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206
4046f5e2f75866f0984159941d8021810ed94a3a183b86ac7f171a6b40cdba85
4098e37d609132da2c85b7f9e1858c03b1705dfda087a0e81de54ac187b7f7fa
422b8ea6ee3c80f48094f9718eaa8b7ca5d9842e048f2e814bfa748191db8d5e
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c
4362a2b21daa8185db1960d48bdfa4fc744b4144199df5bc9fad8fa49be876e3
44073ea2d6fef50d1b40d00e2c77ffdf7d9dd588a13ea79b45c5d12c47d57592
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
44c5077c61856f6c7f40dae7dbf9b6d26d0ac9333990e49b8e7aab18dad5e780
44f6308a91eec4935a83a7edae1570a05be1d4029ac5765c48f7d585425b06dc
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
45365159db0dc224fee9b2ffc3998259d3bc756805da8b2a14962b6da9702a2a
45d3f554c05907fa70fa5124d741db47f4e7b387a5743cb34f61dbdc672a7515
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cb66d8deb9c17c3c17514858963b4b74da7508a7c1b6db56bbf0ad31566429
47058153a2f8a8a2d3da8b5dc17505dae3e324cfdfbb8a9f9fa7e5f4a0e3675d
47e46aa045a0a89ae2d14c00d36ceff6b48f57d7cb97a2d2cf3c8a5104ecd3c5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4919854a8aa849c6160c25b288f01fd5a52d6b9901afbaadb32fcb5d6636eaa1
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea
499861b6417beda06c09c4f8a4a4f3f37cf246782ff4bce5a3dd4a5bef5704b3
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4a44b80afa6090ac98f6c8d70ac42f94a76777f13eccadab352abbe9bd3f72b9
4a7f23140fdee7b942e103630d4000964fa40677974ca143f6e59a5afc477607
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c08d3cc821d5186822c4c4584a9fdcbbec527695b9d1d39c256b3300d68fbd8
4c4cf15138949e4aa75df8077642b14c35debd3700d2416f89a7bb4f98aab8a4
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1506365f4aa837ff002b6c81b69b43eafa163624d62c52fb5cc95f1c30c6e7
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457
4e47726d712fa6a1f91150b1158dbf2e2bdedc1ac5c52523482897dd323c9588
4ef6a06537f719a3a9ba2806000ed45deff3f057e3b61a6d597863bebfb22826
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
5024e3cca320577600386c33e3642f1dd299181481dfb195f3a21318bcc1b28c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5056ba26d0ea336346d69aa980999165d9463faec9fe3b0643ee3ba7dbbb28c7
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e
51800285a1aa8a493c39a7d9bb3cedbda5a57df3d47cdd379a4fe120b011a8d6
51e6031eb24689187bae1f869b59f03ca7c697eb5d714e677282075305888f22
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
526c57a813d9dd1aeaf8df85aa6926eb71c5da577bad5543643741ae28ef2a49
532d1c95aba2f9c2c5f1f611b2451bab0e0cf9a3ae5fadc0ed81a94990f119e0
5378cdcad7b920a5ab73d5bf1ccf7b764042c37f4c064367b352b3fe1f8c25b7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5421abebf1ea61ab4e1813ff86644f7f737864d06c61049a14c1239fbdb57d7e
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa
54521684094f49bf01d8965024cb845d0d69c555c2f750107243a61579953625
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a
5724c31fc9384c8062a6d8f9fb3bcab2e9e09beb0c67b4b23ac3231d0799ad30
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58796af19f75520e2cba157b5be73cfdc03fbf4131f692d85066b0b9b63f1f4c
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c
59b18cedd72766a0c2ab958a6683365999cd94563b2c1ed9387463b21a3edbbf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5162d6b97f345cfd804465e4d14daca858a512cb22798fbed634db82418203
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5db74c759e3864b51ba36327e383e4c5cae93cca9a5d6950ab174d5730f8b0f0
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe
5f941ad006dd8a430228d6941f5e44c9de2f756d7526350172ed138bdc1290e8
6093fa05125a2ddaa0579896d3220cde2a3ae482ac434579b333be4eb6a76422
60f3a44d824e32d32acca30d7cd600f6e81abd775d6dffba33eaa89330344785
618b4922f965f69c26739e71c987ba027cfc607411dd74c2b0f0ccd53ad7bff1
619820b66421bddb8b87522fee81c348e519864ecc4da6cdb968851722b3de24
61ab59c913f7d6b1115009318e1a4d13c633148abf5c9f29f12934e21dc573fd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62423fcbf2902860443224b71ae3875de3531863942d9e9a43beab56f1088b82
627e2285e82e57d1ec9fcbbdf5935bf49cad56b2c3dc277c4fa49ac4246df1f1
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420
6367e199afd61398c215442211ae2b2f73f26c27c72af45695a7202bc06e179e
639df2d960bb19b0abc1eeb0e98694b4036aee2248bb1e7cb704bed779f31b5c
63c076d57d5bef376bef5de9645d5122ef21cf1fbf06e3c6e006612bd43e69f8
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64d41602eee2aa7d37aa60a1bac90f26d56b06d57c09071c36f97f4bf4b2b0b3
659e353d79e9c056607c464f393e017a6a4d37dd604bad873ea7d05f5b0fed94
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66289d95d7634f47455d58ecb38c3db822d264ec7d7034edd93ed95570934673
66296b6fd0b852386b1c4e4e83bf4ad832596ea81717e7656e98738922f9419a
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b
66808bbe532e7ca8171cbbde461f786328063374cd61f0b9f79fb7d815dcf96a
66ffd086d029804d4cf280283f4f9205ecb4f92664edae096a59bc16151a83e0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
683d6a9f4a61f98899a2f3dd94da480475a5804148cf4b18ed3a8836736d61e3
6861003bc1657baf57bfb25afe3d7c5199bd5fb9f35db55344008eb4abebb90b
6880cde99cda177d75b14cde4beef0fa9101f3f970bb69aff92b0940972662f1
6977ce9520f2f65449534c21693dc8ffe2b30b3237f2eef6838d6dfc38187e31
6ae2ea10b0448efd55a52068cbb016caa14e464974bae7f0ebbb72159d210648
6b80eaba8e2ef443fb35d5897e78180864636bd4a7591c7ec296dbc3ca839576
6ba812d3fec562dc1d59be15e34486a42cc71d4e543d8ceef57f74d80d27ce8c
6bb12857ae134a4e7167c7c9b4210aa0a6f17b88fdf672bbae8b9ca5dcaa3a0b
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e
6c53f12aeb4806782ab7903f42911bc63205cf2680f8d449d34f5ab27c2a920e
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6d864997c280fd4e975c2bc544311f41261a0e937978263bb4987c82a7d0af33
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6f49cc78249ddb5132767edc0c172fa8f6619918fcc1c09f325fa7776fdce799
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
71b508240d05cc13eff98fd08fa682044ed8bd195e99b05d9f5057be89ef7050
720a5408fbc633873e7822becb9358ac24dbf644a9e10f6be4d930d962e35e68
73db2a2a4d0933294f7188230306bea80ad011455f5f3a34127d33cbb43eb1c9
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74a0657d0916721948e2f27efa4bb974b5e2fac4e177c952a4a595d7e4a638e4
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a
76822b21d8f8ffc353cc47cbdc6837f250a376a8e62c12334c12f1a2ebe3d18e
771aeb453e02f8f734dbaff7ed27a1df8637dc029571a3099bc1dd2da1edae69
778743466decd47a6ae1d0a4e85bfffd3ba15d4794ef23f391bc19b3d0b03178
77e817bc81e702b3af53fa6396d18fe393df867311dbcb3397292740b7145bea
7808b0a021a846cfe4ef6005d42843e8ac96a956a16a4423134e51f7cd5b81c6
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123
7973970cd66842aded3eea6392f3aad4178f1c2981d7bb482f3a92b4ebed8f4e
79a0706eec31da34bd5291706e124ebc199fb2e4251a09969aacf7804b5dd57b
79b2755fe82058c594d4715d0a503976bd00fd31ab5e082e1b0ecca282f256fa
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b
7a7a28bf8c915d81305c6d44cbc36843ea3590864050bcca51f89792f74f631a
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7ab05755223b4fa8febb2f840e6fc8ab3c5a2e7198830cedcfb9cbc50f8d6749
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c957ee188059b207e4061701b709a9891d24321f6ad477b1671b10078cbc869
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d96317f4b7bd6c910054274f8ff839b62d26f253810cb80fd3c887da280eec9
7e203cb6d4f4fefab123da73d0a7baf1947a9606badca5ead2896046c6342892
7e6e3ca2cda7602dded4601cb79552175be48233013dbe9cc61b78d89db81e77
7e799e3d850442c21ae62a2fe65ddc330b72cd8aa3dab8202c5c60214f0f6508
7e857891c95421c458c9b8cc4aadfe9b4a62362ca6a8d1e1f135c8331f79060e
7eb658ea2a6b25f8b93dab28d1230ddcbf34d51382a0365c86c7c293d1b5a111
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f2ac17e08d2a1d593c1302488c40fcab6f1ba32fde1a7cb662787211c32b6b1
7f77ce3afcb4d662f955397388eb2730b542b7b83cbe6b68f09492167eaa8f82
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
800a2f1f8f64c8d4a7377690e68af0bc4522695148299151695d6a83c628be86
8018bdabb6b50a867ae921b22dedde1b24969f1308fa65f4600bbfac1368d1dc
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
80fb9f2bd6e20f8daf288a593cc63977637524eb0305a2e3d787d547bb6265e6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81f4d7f296252bd5b876a86fc6208af36b36343540f2baac1a6f345b947cc9fc
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843e871d9460dfabc82da88aefab24171a4526fdaa9f34f0fcf6eb670b3ac288
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
860638066f3fe8743863f7392a3de265a2e96519f8a0109cf79c4558feabb589
867068c46a5addf7c8061a851481ff99575cf72c38e20ad5edaecf3a62b75eaa
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
869083889eb786e85c227f2ce106d96b367de58bd6f8fb3f4151629bee44136b
869420f6c1c1b9386f2f692672336e1acd633cf38f595750ef02b6976bc401c2
870e64a4fd7176773074b9807542d0a03175666ca0dc0d7b07c96479730bdc95
87c88050417dac135e73defbde7fb301d7753d9c4c1365529f358e93f9cac0ab
87da683c9f06bca4c76b4b9152ce4bab044a03abf5a2bdb2121d27146c568d1a
887337067e7a29d58372012281ba625ba389277c5a7427ac952beeda7455420d
8955067cb54ed238c7cb08bd849d3eabc11e01295c00cfb9644143143a89d579
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a260f3124491308053529db6a764eb5ac31941cc6278c821b7dd630bbf26f04
8a91ee0324f5b4cce11d8e9914311d2f2705ee464309265234fece392e6df5e7
8bd2084f293973ae7aaa88c9a7176721f28ec814551a10e1208b196c2cfd5d3d
8c087f08d42aebe8faa158f3af9246766f3561948f91f073fda63459713bb7dc
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308
8d3214caeed12988dbd8280a99f7e718dd38ac9bc432b0652a92062018231d4e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7b1a3e07ff3f0b915760ae1ac63b8410592bee3a89553a3bf8f73a6423a93b
8d80a7a909a4a7342f71a54de2d95e04472d3ec71ad08e7bfea4634d8cd616fc
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850
8df6acde652c14372290a20f0cf32a3d2d68569d75dc2876ba5528bd339616c9
8f22606167cd85d42f36495b550a21c461db75221a0edfaaf9ab9c67edf18c52
8f26c0f67145e2169d441f121ded92761a6cbcd1abcc58aa9ca5212994a09193
8fecc2c0b5f937995edcf47643341ffebb2354d8f6682f4931d79cf1bc1ee827
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
903a3e2adc8fbc98f06e44384eacfade5967c43376397fb2efc9a7dff9dcdd93
90616dca7ae72d7c64b6cfe5565724c1d2c220a7cca6f91b31ba69ed8e1583a1
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93a9f9a2e66e93dd4617984832cc6a8455a154525398dcf6f87944bcbe153428
943222bb540343366077d429e5e93cb3d407ef58e8cfe767810b4013729188a5
94b2c683ab690416e47f5adc49063b6f75d87068b94bbf1cef117e3e96561e73
952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d
95650c9d81fe1c228f5a3485392bcd4a048d7ef3142b6fe8886896a18f4d262c
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e51785834f5f8d7725e321a0b023b9f27e02e5ddc397f94cabfe0ffac4a641
97c982c685bffd399186a8b168d5da818f4c9a34e3b7cd465ccebda48444894f
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ee3282868206b580da240fd53a08fc61397d8bffa93a011286071791d08bd8
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b09e6761b2be855046ba8e16371f74bd0d963b795b8a590f463a6af811802
9bf949a6c0d150c592420aa355b8e4ce66705cdb2e5d4e8084fcc8c0ea6db44c
9c15145e1d34d89bb8c2161655f8ac4904dd367e359aa1fbf733aa021d7c862b
9c6e2c424d31156b33ee6196c0706e3f29cd4ac567703641adcdd364baf64488
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9e9c026574e7090913e27138fa6e988abc55fd676e125917d1c1499d28224bb9
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a189a43e0708b32e11bf920a63842025eeb0f635bdd737c84be1a762d03d763c
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a
a34a081b7c69de64cde1874dfec92b71c56a7bf0b69c2fbf7bc3805146ecff85
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a489e84a2c08ef29f50c7cfcee6be906820a85bbd1383a06a21bed02de76af0a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aceed15e5c98c51b7cd1dbb17f43bd78f32f6062129b018e7112ce516787d8
a4b24f1ffd1ae8a2adcc35326436e4c656e8c6f6bcac7664fe203ba8442df558
a4d83f264f7c649b9353ba356a05f44ea4f5b9f2217a771eaf21c6f5e10a3213
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab
a595181faeaf1543c3c96217ce69cc0c7c9b18a3bdd0e149c751efb76c7d2a75
a5ee7407276e16d1bc10890859b4ec13be6352a5b0d868961cea0b9bfdd4964a
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a6ae0528203cdcb007626769dc5e6895aebcf2968fb796adc874dc68bb3b480e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31
a7af7fefc3934b71b876137907cf778644492452f5069c1f5234eaf8063966c0
a821f5692e1660be62ea9036c3f5c8f5af9ee727dfd73b00c0d308e2b975f28a
a87d3499b2f0386ed5a7ed239deeaa39ac293f540c342c8a56ac5f826e02b801
a943f7c447599749195bad885b0ce42ae66e804a20724e7a9b697c69a7c3cc28
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9b6b360a4a4082d3c2e0f46fb72e6c7e25b65c5a64de12bf2da4ff54e603467
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8c315a3b679b533985404a3dc8fc45074947ff69d1dade73b3f978a9b539cc
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc
ab549b2a17aa136e9e241ee47e6458b61b43317c253c8e4f8eb4c123be533d45
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
acad24eec8f13d878f8bd904a7aeb7b561c18824125f88b3bfe894e1e84afd31
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad016fa6953f9da77a79e729a695316ab363e9a963699f919ce6af075456a41e
adf82705c87de97dcdf8ee3727786eda0b12927126ea40f1d4f3543d7f4a027f
adfa96addd2f15c727367329b69ee97707f45f85a53ff7eef4df5deef88bbeb5
ae0045ce4597701b918384c17402ad14e391fa44e44ea8f800d159d6aff62f96
ae1bf4ee157784b1a1c097f508d4f3127835ccc0c310bce913e6e6f5fa61e215
ae27969e2235dfa0c5d55347ee46055262af5ed8f06db630cac4734e3627ea32
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aefeadb883dd6e961e6735adac512916b7a43934199587bd492bcdb87d58ae2e
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e
af205ab1bd00c28578f5a8358060f943210379041d1b4973d5b9cc4547a48d04
afdb84f077187542fa4631ce8c3cc8f56702ae9e1c738848620b72f47104258e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00491a19beeb528b083a3e42f9aa3e4443f799f4dda08307ed03d95c23216c7
b025a5491e27ce75f3563dc43053561d85f98645ca8fadd39e043b059d92dd31
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14cb8c4ff88ad4dea08a32f8616c41851cd076aad9dd146cfb886cd803c3f8d
b17ff8804a6e516a0ac8a75918b6a5d3a8145c39ce0d9fc5b759076c6b81aa15
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2d383a226f68976ffc416884c5fd06905ec6bfe85f0175031b11f79731ca40f
b35c144a6235b9b87a61739cb176a661daa712da0f0afe7c1fad1c72690f457e
b4217f2c8e10b25a869b1a649dd5b15ca1fe010e85a912f6095a130a4606ea55
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b68b95b3d700404e71ae3085a4acf08a1fdae3ac041a5dc1f73f373b1341f0b2
b68c6f76784b3b53d018faab33edcc0f9a82c2e76ab042f00c253d3e75e2f74d
b68f94b247bdf17c5553b793534de4090357dc45268ddc559ad9e7b2c1960356
b6a9d79c1ddb2fa19e36c55b772b5bc03f28ff0ea32dbac5da27497d4490aec4
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b78a553f48722fc26fa9f8f3a4906222c3378fc89a2b6f0ed6207d8f95a8d9eb
b7d70dedd947222451c2f1d9c8f59eafecf8ec3598a687ebb03cc957416e6a38
b9d9c248d1c87f59c7f19b198c5ed7310a4bfd0f57759dd87d649b00ec9fdb5b
b9f5e056433e164037529c2fcbee837f7c02cabb05da79ba6074d2652da143bc
baaf1755cef4f723bbb9a937995c514586986cb21c2de4e1e21ee33d141732ef
bb00ac5c9563c3c1ff9543ccb12c8115843773b068f221a593965ff463a8760c
bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724
bb2c0dbef3ae661b3cbd35fb9cc549ab8344fda2506ddbbf64a964f05b4cc9fd
bcae765ac486a3e70da95ae85b0e7ad86586df074cc96045b192ce3824a3c853
bdf181b1db70ad502993930ea4132877726262cbb063c357afdd7d5c0cfdb549
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7
be97ade1a009ba58f04b22da4007db70e29ad3ecc437bede28f13a2481bc5536
c0bf64f7b623f300ce7265268576d2f3f2b2a82ead5fcf44f6fe67d227b5ce2c
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29d3cfbb333f3612e8d9c53c25176c80cda8c3e3a1767c5e3d2875395fe749c
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c3c498f811bc404171ad11779e3c81f2da26f27b0e1179b1544c1487030b16e3
c3e4f366e39287cbd001252e6d300229b7c3a12b1fd4c26bf7e290f5b3162d7c
c4b232d51671f5df01a636853747e6b6cfad249aec89f56581b2b1fada74b7e3
c4ff75a4db240a0e91feb2f1016cbe04a8e31664bc42b09e9249aaa02a44797c
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647
c758017cdcbef7a1b8c3f280d560d6844b079effc62e2b7eaaea43dc18dd8093
c7cec5c8a3656d674590fc4ba0ac008a2b39b4f9770f312ee7216383afb7e62e
c8029009dd2a58a3903f200eb1dce076f4d8a7940f9fcd29f9fbb32b2c4bdaa5
c8163d8f7a418da8d361c6d638e6b014f1f4221c6091b989eead42affb46bfe8
c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c9376b2125484f8070da81334a1b302bc2385e58401716c04bf8c1304a8c6e51
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca63afb0e71483df7df157ce614ab53be07a421d957e362af170af4a9ea2697a
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836
cc329246e5214b6ed164ded83b65a7a55f5af3c93662c5f2cd75d9a5583a2474
ccb44d93ca50cb084fca43467ae1de08e52ab6ea22694c49c266cec825a1fdb5
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d
ce64739515c1fb2b75b61cce955a1843453d21819cf66f3a05e1d3771103994f
cea21c6f10bb7f3d4eb1f37a72c11dd739323cc93da215d62294ae91f6be667c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d032e1a4d0eb7fd845634e0e5084138defda69daef9aaba446aba289e14da921
d0a482c4012f74c5d80d9a17fd4ca6d0c1d5f924994920167d754285e5c63f8a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4
d36aab54aba6ebd5a1d06f251cb08e6a22c08580c7b4e6df22036f21dbe9fd73
d3fe567af6ef23cadaf5d33e9bcb1ccf73dc194f3f1bad537dca5f26a303959c
d409b82d13b5eb41064d86f329f78d9465da653e1d7dad24dbc9ff93c34e8828
d46864d02182a24eef45e0437d744a667d4ee1209279629029525db3a721b410
d471b85115174ef1f00629f7b09127e04d599cc7421fcfc7884dcc4b2eb20cf0
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae
d4f2f7c03ea64cf3b86b0838dd4677e3fb3b6aa573cbb57024e68ec0dba758e0
d4f83f55f617fa865a7c70118da3068a1ae9c27b185fa951c5d0d3b572fdc6be
d5f2d13db868a6b7494f192452ea87aeab881e5380b0e9f30b17217a2211f5f0
d62add71db97d1781ed9a2886c8919590c6a785d5e666757fb3e76cbcef2f43b
d685e85051851e605c182bf42de95aa5e04c0993015c7919ecb460feb7da6725
d6a1eeeb676341ec776da6ddcb440fb7609605304c10323e4cef2c2ff30f37bb
d6ab2b6887ee695de39eb759a4d0396c47bb69f811c17c8c78c141c60201039c
d6c906925b8d82d84cb2cfa4adc4caac30c7f7d012419e13641be6d141be94c4
d70f50943c120adb73de29c6270d9244084ab60159bab3c7be5f362734db7055
d7b361b911f3975f84793313e0b87bb3a9968bc3db3eef81b1221f0ae4c5d0d0
d7d4cd9ed83ea5d53fb154f71155e1bb3b6ee04d14933b8c16d43a0d41bcbcee
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ef4122ede36edd7be87b56ba3db970e3c0cb051a4563423bbfdab2bc696c3a
d7fe105df580cce96d45b9bc85002706eea3c7819da56f035cff5a4b47576c1a
d8958ea091fd848175b17f574bc266a363fff00a0b6ab142725a4f515fb4a4c3
d8b8ffb2ed949f2ec3126e84eb7c20da59f51f38bf678c3bd72ab8143b7528aa
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
d96bf2ef1a5908977152408d330b39b94d961285f86db4a17e9e53497804edcb
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f
d9b92c1cb9ffb0e233e928d7cb3804c51b97f07096c2f6bf3ad7d4f5df6df1ea
dab6b7f1ee6fdf63279ca4d2f48e63b2f295af1ac7d73a59b1151b4244c52c7f
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd
dbc5ba73705106055d8e9dba6660e92221f0c0420466770f49d39139259145f8
dbfe96d32f1d35aad0632a2c6798aa25bbe710a71bd615fc29b94c04a9bf70b3
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd738da797655cbde0f1241879f9a20bf4cd3214bbf46338492d7465578c9483
dd8ef56243d389be44d8777269f653fdd1df8e6fd0f6f40b24121e2efb2c6a9c
de03e97b14da79c775be2e4938e7021b8ac0bdfbfbf8dade8d2c2c00b91af689
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6
decd63a0a791cb423f6e763edef7277f0858b3844412b9264682cb58a8321a86
df535666d20fc7234eb96b579c5aa70010492b5e220c55b45692ed60d38dfabf
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e00636ae85753830f398b2024f479648576821eb66d1d5dc0955b120e60cf2c5
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56
e10903b1e36b3713d8272128121e7453439c89947befd7869b479b3090990ada
e110353336c27db196d1afdff49d38748b06ca8d33bdb809e1d4af0711f9e4ae
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e285b99cc5eaac789ead9d531f0517c2cc86df8d19767d5c9996e4c69f567590
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dc940e1e8941a2b95f07719a2243ab472affc7327fe0cb72f53710cbd8c651
e49cd8db55085beb92c21f48e62bcd2147cbfec7b562cab651e34e56e556cb36
e51ec66132b6fdddc66732cf551f2126732f4712e3a87f69f21cb97d46e1ce12
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7259511931fbdb6fa52b5119c2c4bf68804ff635cb6efc4c139ed1204dead04
e75149e29642ec2de5cb6a5936bfcd7c2c6d390d997365345f71ea71d7085d00
e791577c143893614d07a011f8b12ea70b5f7fa09a5a28372f9a6fd185d04e11
e7ac0a03182f70ef699b787b11078f3f979c6cea50fa6abe991e7d2d211ff2ad
e806b89824c1ecfbf38c5d0bf9b01b1b49e5dadbd9aac34bb678e2514a7f107f
e887cde188c26215d44e608578d19c5b3d3075e6b2fb084ef8c65e5ed60c8c6e
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebfc176d185cf573669ebc639112b7597f935f87fa9609a7456ac5b6207b7752
ec0be287a1c00dfa85378c4066214e1c2992e22352cb4f8e070f68d5724efde1
ec42b120fd452ff1de08eb3bbe9eaa8cc689b35d9a49725b9fe8db1c16c1900e
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed67662fd632fb92b8d08a105b8908d065ed19b7e199e7779d94af7fc9e7ffac
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee35020849ff3b061d9281af944309fa2a45f1c9dd6ed71b0c22849e6e3d2bc0
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63
eea50ecdeae6bf31e52884b6fa50a910698276fbe02cfeffc3394723c554bbd8
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef13b0253a986d36b9de961b9d657b6735fc409299b451d1e9a1454f66ce2fec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc99f83529377390af3004d4aa5412cff3f99555c0da889e3eb630dc7cd3cee
f02195fcd75f1c3503631ba8f472b9d4ee136f9e4e2f60b2dc6a09d7e12e3f8e
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f2b3d7c74c827a66f1f2458bcebc7425ae86fede8f16819ce037e4f83f3f3ac3
f31c78f74821e02758ea1d59bc0e942f847c631cb9e91d6643b1bfdf48851178
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052
f4d59fdeef8ad1e68d7ee5b85f2d1045a443ef33c48d882805aa57f391267508
f4eb6a953c9d46684297105d831672bcc209864e48f21326f9214d2bd0a0487f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109
f9c8ddd85a4328e3ff24a089c1ceee312c68dad1952a4e442b2c6d55bad09dfa
fa1d2a3344f33b8b08c24f13651c2fd7c9e5c0896b742aec9b038ac44edeaec0
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
faf1732350f309773abd157ee54880b49d8d7fc43f2201076c3a13729a8bb0f6
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb6230434956416a3e8aa6e98dbf5a287e7a221d22ef5c52c8e2bd37f56b1243
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128
fcc96e861b10e641a1f75d6d2961482ff19608ba15156820ac4d5d4dd1c50067
fcec4e2c905c1cae1550f5cccbdf6531de48ef2fe09c2876d3d09fb543825df1
fe0b943e69b36c68789170c04f5f1436d5b44d110d555ecba91fe0d96342278b
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.correiodopovo.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

1293 Requests

90 %HTTPS

30 %IPv6

121 Domains

227 Subdomains

154 IPs

16 Countries

16362 kBTransfer

38672 kBSize

180 Cookies

32 Outgoing links

Page URL History

Redirected requests

1293 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.correiodopovo.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

1293
Requests

90 %
HTTPS

30 %
IPv6

121
Domains

227
Subdomains

154
IPs

16
Countries

16362 kB
Transfer

38672 kB
Size

180
Cookies

1293 HTTP transactions
21 data transactions