urlscan.io logo urlscan.io
SecurityTrails logo

www.estadao.com.br Open in urlscan Pro
2a02:26f0:12d::17d9:6a0b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hroicloudflareekalilta.best/
Effective URL: https://www.estadao.com.br/
Submission: On June 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 12 countries across 85 domains to perform 324 HTTP transactions. The main IP is 2a02:26f0:12d::17d9:6a0b, located in Berlin, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.estadao.com.br. The Cisco Umbrella rank of the primary domain is 142368.
TLS certificate: Issued by R3 on May 16th 2023. Valid for: 3 months.
This is the only time www.estadao.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
30 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2.17.100.216 20940 (AKAMAI-ASN1)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
1 151.101.192.114 54113 (FASTLY)
2 2600:9000:237... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.14 16509 (AMAZON-02)
1 54.209.165.221 14618 (AMAZON-AES)
2 54.185.165.208 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.41.54.47 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 16 37.252.171.85 29990 (ASN-APPNEX)
12 2602:803:c004... 26667 (RUBICONPR...)
12 185.86.138.16 201081 (SMARTADSE...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
1 99.84.88.34 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 35.190.39.111 15169 (GOOGLE)
1 108.128.250.26 16509 (AMAZON-02)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 22 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
10 18.66.192.8 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2a02:2638:3::7 44788 (ASN-CRITE...)
9 216.52.2.16 32475 (SINGLEHOP...)
16 172.67.10.198 13335 (CLOUDFLAR...)
1 9 37.157.3.20 198622 (ADFORM)
8 185.64.189.112 62713 (AS-PUBMATIC)
1 18.66.192.95 16509 (AMAZON-02)
2 144.126.250.218 14061 (DIGITALOC...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.201.255.110 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
2 23.32.184.192 16625 (AKAMAI-AS)
2 3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.29.132.245 30419 (MEDIAMATH...)
11 185.64.189.110 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.7.11 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TWELVE99 ...)
3 5 67.220.226.232 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
5 5 54.195.20.254 16509 (AMAZON-02)
7 9 172.217.16.194 15169 (GOOGLE)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.138.154 201081 (SMARTADSE...)
1 2 151.101.130.49 54113 (FASTLY)
1 1 54.205.93.130 14618 (AMAZON-AES)
1 72.251.241.196 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
1 1 52.220.229.2 ()
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.171.216 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.193.52 15169 (GOOGLE)
1 46.51.163.206 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.44.244.58 14618 (AMAZON-AES)
3 3 37.157.4.23 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
2 3.33.220.150 16509 (AMAZON-02)
2 2 3.75.62.37 16509 (AMAZON-02)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
3 3 18.194.57.28 16509 (AMAZON-02)
2 2 54.228.185.250 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.241 21859 (ZEN-ECN)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 2 157.90.211.246 24940 (HETZNER-AS)
4 4 69.173.144.138 26667 (RUBICONPR...)
3 5 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.46.151.131 16509 (AMAZON-02)
4 4 213.19.147.45 3356 (LEVEL3)
2 2 188.42.191.196 7979 (SERVERS-COM)
2 8.2.108.194 46636 (NATCOWEB)
1 1 184.24.77.60 20940 (AKAMAI-ASN1)
1 18.197.12.252 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
324 88
1    2606:4700:3032::ac43:cb7e (United States)

ASN13335 (CLOUDFLARENET, US)
hroicloudflareekalilta.best
30    2a02:26f0:12d::17d9:6a0b (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.estadao.com.br
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2.17.100.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-216.deploy.static.akamaitechnologies.com
acesso.estadao.com.br
meu.estadao.com.br
statics.estadao.com.br
1    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82a::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
estadao-bi-ga360.appspot.com
9    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
contributor.google.com
fundingchoicesmessages.google.com
1    2600:9000:2490:dc00:16:3843:2d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
ivccftag.ivcbrasil.org.br
1    151.101.192.114 (United States)

ASN54113 (FASTLY, US)
cdn.evgnet.com
2    2600:9000:237d:3c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
4    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
6    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    18.66.112.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-14.fra56.r.cloudfront.net
assets.zephr.com
1    54.209.165.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-165-221.compute-1.amazonaws.com
ping.chartbeat.net
2    54.185.165.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-165-208.us-west-2.compute.amazonaws.com
saoestadodespaulo.us-7.evergage.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.41.54.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-54-47.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:26f0:12d:48a::11a6 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
16    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
12    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2600:9000:2250:8a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    99.84.88.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-34.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    108.128.250.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-250-26.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com
22    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
banner.boostbox.com.br
dspl.incvaluex.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
10    18.66.192.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-8.muc50.r.cloudfront.net
hitbip.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
8    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
9    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
16    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
9    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
8    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.66.192.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-95.muc50.r.cloudfront.net
redcarpat.com
2    144.126.250.218 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
tags.fulllab.com.br
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
11    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    54.195.20.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-20-254.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
9    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    54.205.93.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-93-130.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.161.190 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.214.193.52 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 52.193.214.35.bc.googleusercontent.com
csync.loopme.me
1    46.51.163.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.44.244.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-244-58.compute-1.amazonaws.com
a.audrte.com
3    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2a05:d018:d29:3601:4d53:e3a9:9bb3:651 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    18.194.57.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-57-28.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.228.185.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-185-250.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    184.24.77.60 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-60.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    18.197.12.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-12-252.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
Apex Domain
Subdomains		 Transfer
37 estadao.com.br
www.estadao.com.br — Cisco Umbrella Rank: 142368
acesso.estadao.com.br — Cisco Umbrella Rank: 536795
meu.estadao.com.br
statics.estadao.com.br — Cisco Umbrella Rank: 549398
839 KB
33 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 541
ads.pubmatic.com — Cisco Umbrella Rank: 540
image6.pubmatic.com — Cisco Umbrella Rank: 762
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image2.pubmatic.com — Cisco Umbrella Rank: 899
image4.pubmatic.com — Cisco Umbrella Rank: 1135
33 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 523
eus.rubiconproject.com — Cisco Umbrella Rank: 614
token.rubiconproject.com — Cisco Umbrella Rank: 605
pixel.rubiconproject.com — Cisco Umbrella Rank: 362
19 KB
21 google.com
contributor.google.com — Cisco Umbrella Rank: 15954
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1888
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 103
58 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com — Cisco Umbrella Rank: 617
36 KB
16 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6128
csync.smilewanted.com — Cisco Umbrella Rank: 3024
static.smilewanted.com — Cisco Umbrella Rank: 10979
17 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
cm.g.doubleclick.net — Cisco Umbrella Rank: 231
164 KB
14 incvaluex.com
dspl.incvaluex.com
3 KB
13 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1498
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 595
7 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 4102
dmp.adform.net
c1.adform.net — Cisco Umbrella Rank: 598
cm.adform.net — Cisco Umbrella Rank: 1224
6 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2331
bidder.criteo.com — Cisco Umbrella Rank: 748
dis.criteo.com — Cisco Umbrella Rank: 587
9 KB
10 hitbip.com
hitbip.com — Cisco Umbrella Rank: 109572
38 KB
10 googlesyndication.com
6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
41 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 718
4 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
21 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1001
s.amazon-adsystem.com — Cisco Umbrella Rank: 318
6 KB
8 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 20756
977 KB
8 boostbox.com.br
banner.boostbox.com.br
295 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5230
adservice.google.de — Cisco Umbrella Rank: 8155
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 579
3 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 315
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2137
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
249 B
4 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 24956
usr.navdmp.com — Cisco Umbrella Rank: 29683
cdn.navdmp.com — Cisco Umbrella Rank: 6902
7 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
242 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 340
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24405
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22269
898 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
13 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1372
google-bidout-d.openx.net — Cisco Umbrella Rank: 1466
678 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 995
bcp.crwdcntrl.net — Cisco Umbrella Rank: 871
sync.crwdcntrl.net — Cisco Umbrella Rank: 844
12 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1448
creativecdn.com — Cisco Umbrella Rank: 484
3 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1661
mab.chartbeat.com — Cisco Umbrella Rank: 2563
25 KB
3 gstatic.com
fonts.gstatic.com
69 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2974
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1691
1 KB
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1995
422 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 952
952 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 32217
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 365
529 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26243
2 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13828
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 702
771 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5220
562 B
2 fulllab.com.br
tags.fulllab.com.br — Cisco Umbrella Rank: 787913
3 KB
2 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3355
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1552
315 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 797
id5-sync.com — Cisco Umbrella Rank: 429
18 KB
2 evergage.com
saoestadodespaulo.us-7.evergage.com — Cisco Umbrella Rank: 463271
1 KB
2 ivcbrasil.org.br
ivccftag.ivcbrasil.org.br — Cisco Umbrella Rank: 539840
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 126110
25 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1253
c.go-mpulse.net — Cisco Umbrella Rank: 566
50 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
184 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 548
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 611
676 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
481 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 382
648 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2357
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3405
104 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 870
610 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 993
225 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2588
308 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 17896
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5932
277 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
650 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5538
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1442
283 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 732
940 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 616
664 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1588
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 773
589 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 859
795 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 518
734 B
1 redcarpat.com
redcarpat.com — Cisco Umbrella Rank: 84420
36 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
55 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1445
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 367
878 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 569
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1496
8 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1273
201 B
1 zephr.com
assets.zephr.com — Cisco Umbrella Rank: 44632
16 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 6365
12 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3991
51 KB
1 appspot.com
estadao-bi-ga360.appspot.com — Cisco Umbrella Rank: 484071
499 B
1 hroicloudflareekalilta.best
hroicloudflareekalilta.best
748 B
324 85
Domain Requested by
30 www.estadao.com.br www.estadao.com.br
assets.zephr.com
16 ib.adnxs.com 1 redirects www.estadao.com.br
hb.adpone.com
acdn.adnxs.com
14 dspl.incvaluex.com banner.boostbox.com.br
13 fundingchoicesmessages.google.com www.estadao.com.br
12 prg.smartadserver.com www.estadao.com.br
hb.adpone.com
12 fastlane.rubiconproject.com www.estadao.com.br
hb.adpone.com
11 simage2.pubmatic.com ads.pubmatic.com
10 hitbip.com banner.boostbox.com.br
hitbip.com
9 cm.g.doubleclick.net 7 redirects
9 ap.lijit.com hb.adpone.com
csync.smilewanted.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
8 image2.pubmatic.com ads.pubmatic.com
8 hbopenbid.pubmatic.com hb.adpone.com
8 adx.adform.net hb.adpone.com
8 prebid.smilewanted.com hb.adpone.com
8 bidder.criteo.com hb.adpone.com
8 hb.adpone.com www.estadao.com.br
hitbip.com
8 banner.boostbox.com.br 1 redirects www.estadao.com.br
banner.boostbox.com.br
7 csync.smilewanted.com hb.adpone.com
csync.smilewanted.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
banner.boostbox.com.br
6 securepubads.g.doubleclick.net www.estadao.com.br
securepubads.g.doubleclick.net
banner.boostbox.com.br
5 pixel.rubiconproject.com 3 redirects
5 match.prod.bidr.io 5 redirects
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 acesso.estadao.com.br www.estadao.com.br
acesso.estadao.com.br
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 www.facebook.com www.estadao.com.br
4 connect.facebook.net www.estadao.com.br
connect.facebook.net
3 sync.1rx.io 3 redirects
3 s.amazon-adsystem.com 2 redirects
3 x.bidswitch.net 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 cdnjs.cloudflare.com tags.fulllab.com.br
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 fonts.gstatic.com www.estadao.com.br
2 creativecdn.com 2 redirects
2 us.ck-ie.com csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 sync.richaudience.com 1 redirects csync.smilewanted.com
2 ad.turn.com 2 redirects
2 r.scoota.co 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 match.adsrvr.org ads.pubmatic.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com hb.adpone.com
ads.pubmatic.com
2 eus.rubiconproject.com hb.adpone.com
eus.rubiconproject.com
2 tags.fulllab.com.br banner.boostbox.com.br
tags.fulllab.com.br
2 cdn.polyfill.io banner.boostbox.com.br
2 gum.criteo.com 1 redirects static.criteo.net
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 oajs.openx.net 1 redirects www.estadao.com.br
2 www.google.com www.estadao.com.br
tpc.googlesyndication.com
2 saoestadodespaulo.us-7.evergage.com cdn.evgnet.com
2 tag.navdmp.com www.estadao.com.br
tag.navdmp.com
2 static.chartbeat.com www.estadao.com.br
2 www.googletagmanager.com www.estadao.com.br
www.googletagmanager.com
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 cm.adform.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 px.ads.linkedin.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.mathtag.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 acdn.adnxs.com hb.adpone.com
1 statics.estadao.com.br
1 redcarpat.com www.estadao.com.br
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.googletagservices.com securepubads.g.doubleclick.net
1 6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.navdmp.com tag.navdmp.com
1 mug.criteo.com www.estadao.com.br
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 usr.navdmp.com tag.navdmp.com
1 www.google.de www.estadao.com.br
1 c.go-mpulse.net s.go-mpulse.net
1 ivccf.ivcbrasil.org.br www.estadao.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net www.estadao.com.br
1 assets.zephr.com acesso.estadao.com.br
1 meu.estadao.com.br www.estadao.com.br
1 websdk.appsflyer.com www.estadao.com.br
1 cdn.evgnet.com www.googletagmanager.com
1 ivccftag.ivcbrasil.org.br www.estadao.com.br
1 contributor.google.com www.googletagmanager.com
1 estadao-bi-ga360.appspot.com www.estadao.com.br
1 s.go-mpulse.net www.estadao.com.br
1 hroicloudflareekalilta.best 1 redirects
324 127
Subject Issuer Validity Valid
estadao.web.arc-cdn.net
R3		 2023-05-16 -
2023-08-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
estado.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-01		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M02		 2023-04-29 -
2024-05-27		 a year crt.sh
cdn.evergage.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-06 -
2024-03-04		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-22 -
2023-09-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
assets.zephr.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.us-7.evergage.com
Amazon RSA 2048 M01		 2023-02-07 -
2023-09-29		 8 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
hitbip.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-08-27		 6 months crt.sh
boostbox.com.br
GTS CA 1P5		 2023-04-21 -
2023-07-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
redcarpat.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-24		 a year crt.sh
tags.fulllab.com.br
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh

This page contains 54 frames:

Primary Page: https://www.estadao.com.br/
Frame ID: 415F31ECEC8F3FC7C4FDE7CD9EEE5DA3
Requests: 132 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.estadao.com.br
Frame ID: F40FEEE02CC5E752042F359E1A43F3C0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 25A8FB1722671FB1B970E0592D6E4E0E
Requests: 1 HTTP requests in this frame

Frame: https://6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 53D4694149A1D56F62B8155E3557F6FA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcyH05_toj1oamJqCtYzfTStsJQB51bhtDSBZLNCtbLUbp73Ax5xDtJ3OGJqwcuNTErZvC33-QLfKvEuKmxAzq85ikmEhre2DD8PxcalnVDxx-yRUbgHNh5qkWwjm0uA3ZRv31SRaAaYv55nPP__FVp9WruFf_6UJAuUpoQ-srWtndAcdg4BvMkOy4PdZUSGXAYmqDwkyDbgRL0Fu6WyURd6KjZFiyVxX9bxOudaZWBWnsWTEnsdTwbff3LSkxuuW1LNJ_JHnG9SPT9jsJw346kSGvXKjLyV3mFN_qY8cZO1mX6cxL3Kpb51uhZUg3ey3-n7u5Ew&sai=AMfl-YS8WRaZcIJDCYPT8H76FH9Mtfx23LOpZJwPGj2s0wTT_Qh47tXRbCLT-4nmCjdjAV2N3qR_uNksHmr8OUdt8cF_a3f6W_JVPq0iFtFatHLt3mZ5kcE-YgxVw0stF8vraDrQ6XxkzprfGPdYGQU&sig=Cg0ArKJSzPLnI5nBcKTSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 10CABA86A5D3A8871BA7575DC0D31A82
Requests: 18 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FA8E37764D42D07EF63C093CF33ECAE1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5131E37D5D61D2D218F33D4BF6A53F20
Requests: 1 HTTP requests in this frame

Frame: https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Frame ID: 1CD4EEE114BEB8CE1EED02B7953056A5
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: E04709D3709A663E3E8F47174EE40F41
Requests: 9 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=cvcgvqpoj&e=1504677494333
Frame ID: 8F6B5DA9EF02C60F13835A34E3B99634
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=adirvjin&e=1504677494333
Frame ID: 32AFB5A061DAF33EF090B31B47C0D491
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=twmjghke&e=1504677494333
Frame ID: 2723D04CC7AC6B2AEC0BC3BF190E9175
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=pxuoevzn&e=1504677494333
Frame ID: B36ACFC77AC38DD5438D11A484E81C81
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=cyymippo&e=1504677494333
Frame ID: 97C0B66E2C134E10CF883B2B7A2CDC4E
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=oknk&e=1504677494333
Frame ID: 8D1CD2C11362ECB6FDE67DF923FEA1B3
Requests: 10 HTTP requests in this frame

Frame: https://hitbip.com/r/p.html?f=fqrcjinsc&e=1504677494333
Frame ID: 749726681E3A67D2C6275294E24BB189
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EA2DE5326ABBFB85E99251A54C0382B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 366BA91779F6D81586D72466CE676F13
Requests: 2 HTTP requests in this frame

Frame: https://redcarpat.com/a/728x90.png
Frame ID: DC803C42F9E76B7345AD071030D95D77
Requests: 1 HTTP requests in this frame

Frame: https://tags.fulllab.com.br/safeframe
Frame ID: 0431161CA2AD32932633B900B3C7052A
Requests: 4 HTTP requests in this frame

Frame: https://acesso.estadao.com.br/paywall/modal_lgpd/build/
Frame ID: D476B60CC72D9072C174267DBF37D3EB
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: DDBED165FD4800D92EF1123565C680D4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A4C5164E1DA1A86DC497B3B94E2E3DA0
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FBACDA4E1CFF5D82198C1B0B01A5C868
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: FD327B70457BE187F1D7C0AA96D0E997
Requests: 18 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: AC6AB3B115179DF88EF8F09245B68BCA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 2EE889BA9BBBD16CA59AC9D38C876026
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&gdpr=0&gdpr_consent=
Frame ID: 474ADEE9A015073C25AEB0FE54D145A5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326787056427
Frame ID: 2126237BD6C88B0FC05ECE96094AFAF7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5AFF77C815FAF6E43D5A72C89ACBE17E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7797055540750413310
Frame ID: A8B6A949C0277D10C8422EC9DF68B98D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: BF3DB765025D36D897D23B190077D9BA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
Frame ID: BB30FFE78BA6AFF9FF20960F40AE2A11
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3931163274102045951&gdpr=0&gdpr_consent=
Frame ID: 63E77E24CBE26560F53A4000797AF879
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241512094548031629&gdpr=0&gdpr_consent=
Frame ID: 51827FE7F579C05CB8CD30367D368822
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACs907I_goAACFzuhuQzg&gdpr=0&gdpr_consent=
Frame ID: ED1B0C2FDF3862DF79C542AB49A9DF67
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH8E4gACgcfyvQBR
Frame ID: D5069CEA02629270244122C9E2B8B73D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Frame ID: EA37B3942DD57A227F238D1349C6669E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 30C9FC6E7C0C2719CD48558804355A8A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E00C4D0CE597569CB8BAE596A465BD18
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a3v0l3l281gx
Frame ID: C9BA30051A58FA332FE33751568EC098
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B2C4B7AB2F4C76BFED806FF51FE510FD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXbaXTSThbYXYVW&gdpr=0&gdpr_consent=
Frame ID: 7CA2879F359BD8CEA9D0EB41B27BD54A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Frame ID: EFF2C9B0881BA6E6A3DA7EDD9B20DC99
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2842CC43A0FA109E429456756DB15F81
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 9721AD0951DF3F49887D0441BEDC79FA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
Frame ID: 3B3F976F81EC16CAF14EA1D9E42148D5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/f5c60a5f-4a7e-529d-99f3-2276fd8c2694
Frame ID: D197FB2457EF16806E2A62A4A2A8F560
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 178632932CA272B978B988EC18238A2F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6035221509773553240
Frame ID: 0DE65377D63DA6660500E0ED159EDCB8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/85b9bccc2231b4a3f76c1168065e063?gdpr_consent=&gdpr=0
Frame ID: 7415178AD0E1668A5210D38312D853A1
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 8CA6D5B700ACD6AEB69D50E6CE24D19B
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 92750EEC9E42BC7A51EC5C81C31BDA7F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/97qKh7Pv1f1EVtSb6Mtt?pi=smilewanted&tc=1
Frame ID: A82BAF9A1EEB68C94312DC36F71D5BF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Estadão | As Últimas Notícias do Brasil e do Mundo - Estadão

Page URL History Show full URLs

  1. https://hroicloudflareekalilta.best/ HTTP 302
    https://www.estadao.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

324
Requests

94 %
HTTPS

36 %
IPv6

85
Domains

127
Subdomains

88
IPs

12
Countries

3441 kB
Transfer

11460 kB
Size

129
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hroicloudflareekalilta.best/ HTTP 302
    https://www.estadao.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp&cc=1
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=estadao.com.br&sn=ChromeSyncframe&so=0&topUrl=www.estadao.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=I-OSmHw2QzlXNHlxQy9yWEliWkdJbVRXcnl3MjRiQ0V5Q0RnL1VmUFFGcnNPaWI3MGV2OHhxazQ2amJHdk5JYmViS0FZdkFieTd0czBZOGNiaG1YbmJ3Z3V6dTZ0OWgxOUtLaHIwbVorWWIraHMxM0pzalpNQ1l0MVFPbHpWOUJNQUZlTWtMbHNMaDlIVVBOWnp6ZVlaT1h2Y0orZ2JrRFZBQmRTdnFzQkZ1bGVROE9NdTdobWVoRHZoSEl3MHgzSmdZTWFMM3U5VlJCekZrMFJoS05ibi8yKzlUN2MvcC9ySVFmMEY4YzJ3RHErR1JJNTVwa1NMNjNZWmpZbDdid3dFQ3BiQXQ2SWdhOXVjbzA5MUxSYkVPU2gwTHd0dUlHeWwwMjJEUjVtdlhUU0N0ST18&cppv=2
Request Chain 119
  • https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171 HTTP 301
  • https://banner.boostbox.com.br/integrations/script/b011a71ddc6eaf10c1f5a171.js
Request Chain 273
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&gdpr=0&gdpr_consent=
Request Chain 274
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326787056427
Request Chain 275
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 276
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7797055540750413310
Request Chain 277
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 278
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
Request Chain 279
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3931163274102045951&gdpr=0&gdpr_consent=
Request Chain 280
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241512094548031629&gdpr=0&gdpr_consent=
Request Chain 281
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDczkwN0lfZ29BQUNGenVodVF6Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACs907I_goAACFzuhuQzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACs907I_goAACFzuhuQzg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACs907I_goAACFzuhuQzg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8960058707774070119&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACs907I_goAACFzuhuQzg&gdpr=0&gdpr_consent=
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH8E4gACgcfyvQBR
Request Chain 283
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Request Chain 286
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a3v0l3l281gx
Request Chain 288
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRaXbaXTSThbYXYVW%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRaXbaXTSThbYXYVW%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=526b9234dbdb7d02c200cf46315b1b59&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRaXbaXTSThbYXYVW%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXbaXTSThbYXYVW&gdpr=0&gdpr_consent=
Request Chain 289
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Request Chain 290
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BsSyWiDvRdGU5unJaFbbfA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 293
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2032789585 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=06C4B25A-20EF-45D1-94E6-E9C96856DB7C
Request Chain 294
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODRtQmpYLTZxaExRY2FycEJ1OUY5YWlEUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6035221509773553240&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZDNEIyNUEtMjBFRi00NUQxLTk0RTYtRTlDOTY4NTZEQjdD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPovUIvcdpdmRTf4TO-IgMc&google_cver=1
Request Chain 298
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6035221509773553240
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_9lkctpE2uU9_HEPIrwG2sFzPkUY1Jk-~A&gdpr=0
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=353aab2d-36f7-4938-bb2d-2361f2273570&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f62e8b20-b6f7-4903-9aa4-a3e97b35c84b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 305
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878514284395438275&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 306
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7e67489b-71a6-4c38-aa16-560b481f03de&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 307
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFlOGExNWZlZDI1MDY4ZTMwMDdhZjIxZmNmMTc0MmRhMTk0OTcxNw
Request Chain 309
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElLNDdGTzYtMTUtQVZLMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxLilywzrMyXFuvWdPg3HM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLNDdGTzYtMTUtQVZLMw==&google_push=
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEADXyaio1oAyBr_f2gCaZZo&google_cver=1
Request Chain 311
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1d-TPFlySJqn-msOcZOymw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1d-TPFlySJqn-msOcZOymw
Request Chain 312
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIK47FO6-15-AVK3
Request Chain 313
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xRx67PJBiYY4_sVSaf8jGcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuJREMVE2oLpFNSqc.Dh_qEYGotBUDUQtoRQYQ--~A
Request Chain 315
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pyoKViN1SoiNQEAbOeqVGw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pyoKViN1SoiNQEAbOeqVGw
Request Chain 316
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1686045922302 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3533755628 HTTP 302
  • https://sync.1rx.io/usersync/turn/2878514284395438275?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
Request Chain 317
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/f5c60a5f-4a7e-529d-99f3-2276fd8c2694
Request Chain 319
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6035221509773553240
Request Chain 320
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/85b9bccc2231b4a3f76c1168065e063?gdpr_consent=&gdpr=0
Request Chain 323
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/97qKh7Pv1f1EVtSb6Mtt?pi=smilewanted&tc=1

324 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.estadao.com.br/
Redirect Chain
  • https://hroicloudflareekalilta.best/
  • https://www.estadao.com.br/
1 MB
219 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6ada3ee5a327db68c4bf41e0237a2ac1281ddc3b7481b045f42a598f8c046841
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:14 GMT
etag
W/"10dce3-TKgIeqg/2lI9WQ46aRGslx8yA6M"
expires
Tue, 06 Jun 2023 10:06:14 GMT
last-modified
Tue, 06 Jun 2023 10:05:14 GMT
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=125 origin; dur=370 ak_p; desc="468346_400124423_1870061026_49495_6525_14_0";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 221281 0 pmb=mRUM,2
x-arc-pb-request-id
3f4e89e4-2571-4eb8-8b67-2e465125f0a9
x-arc-request-id
0.076ad917.1686045913.6f76dde2

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d2fd5ed3b1092b3-FRA
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.estadao.com.br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhdth%2FsEDL8J6y%2FkxX%2By%2BG6p0ZBOSGl%2Bqa8Nj533ArMS50tZeLhT4IY%2BJPa6wx7AJSqOGBr%2BlLPWWlpyKhEDGuRRib5s9%2F4H5EOdN0LdqtknTBWyMNcILpx5NBIqTKHwc1ZE7a8RqRRIiICWps51slDJe6E3C7vOXH4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
Origin
https://www.estadao.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 15:41:45 GMT
x-content-type-options
nosniff
age
239010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 15:41:45 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
Origin
https://www.estadao.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 17:00:48 GMT
x-content-type-options
nosniff
age
579867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 17:00:48 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
Origin
https://www.estadao.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 13:31:10 GMT
x-content-type-options
nosniff
age
246845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 13:31:10 GMT
react.js
www.estadao.com.br/pf/dist/engine/ 		265 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/engine/react.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6b8199baa87dfd343d3a0bbf4d705c3e6aa5492b0116510767560c10252eedc4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
VV9RPA2W0VD6XN8M
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e634
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063156_20_5773_13_0";dur=1
content-length
82723
x-amz-id-2
4JnkJisi3SXg3YbsfcPQt6gVlWNJeH1M/ZQont3W7xMsHmATHYewDHNHD3HkgtxdF4sHHaeQS1E=
last-modified
Mon, 05 Jun 2023 17:15:49 GMT
server
openresty
etag
W/"ee0ce013dc97016e5cbb81811fa107e7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
default.js
www.estadao.com.br/pf/dist/components/combinations/ 		801 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
68b02e9e0a035ffd79599b19bed758609b991d4c922b7f46dcfa6517ed9c9e36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
VV9N6JGHX2QGHW91
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e635
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063157_21_5751_13_0";dur=1
content-length
189836
x-amz-id-2
AjXghrTOe+9/ztjm0zQmmkxqJYCtcp8mHL7Ldhrh5n7r4qoX6bfO9oa0qXjxYj0WgbiwzSeP2rc=
last-modified
Mon, 05 Jun 2023 17:15:49 GMT
server
openresty
etag
W/"b5a65edbf18408de4a2626fdeed68699"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
2SEWSTKS2JBSDFVPCHYGVCTYIE.jpg
www.estadao.com.br/resizer/PzLUq3nT5PDKljM-9oRedY2ZVtQ=/848x475/filters:format(jpg):quality(80):focal(955x17:965x27)/cloudfront-us-east-1.images.arcpublishing.com/estadao/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.estadao.com.br/resizer/PzLUq3nT5PDKljM-9oRedY2ZVtQ=/848x475/filters:format(jpg):quality(80):focal(955x17:965x27)/cloudfront-us-east-1.images.arcpublishing.com/estadao/2SEWSTKS2JBSDFVPCHYGVCTYIE.jpg
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
500ef3226ceb64ecf81d5cbfc6206ae823bd8a84abd573b42f5ad5271fd62ee9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 06 Jun 2023 10:05:15 GMT
last-modified
Tue, 06 Jun 2023 06:18:23 GMT
server
Akamai Image Manager
etag
"4fbd0dc7c2b7a7893c907faf1fc1110500804abc"
x-arc-request-id
0.076ad917.1686045915.6f76e636
content-type
image/avif
cache-control
private, no-transform, max-age=31522468
server-timing
cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="468346_400124423_1870063158_1002_9107_13_0";dur=1
content-length
18520
expires
Wed, 05 Jun 2024 06:19:43 GMT
gtm.js
www.googletagmanager.com/ 		532 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4LH38R&l=dataLayerEstadao
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cea4d570f86daa6f6e12419c9f9e94fe4d7e7d4976171ccbcd93ef1215780cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139079
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 10:05:15 GMT
pwz.js
acesso.estadao.com.br/paywall/v2/paywallZephr/dist/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acesso.estadao.com.br/paywall/v2/paywallZephr/dist/pwz.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1fe3cbd3a0a75dbc39d33dfbf7548779fad190189ca7bbd8867233349d78f24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 14:22:03 GMT
server
Apache
etag
"618a8-89bb-5fcfe0b2dd8c0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12991
J2G3L-SMB6G-B69RJ-UUV35-4GCDX
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/J2G3L-SMB6G-B69RJ-UUV35-4GCDX
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 20:17:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
truncated
/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f85bf1c0f06f7d2001c671e1055cd03a38b07261b51c971d5f4904590522385

Request headers

Referer
Origin
https://www.estadao.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
font/woff2
191.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/191.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2291dcfb7561d193527a814c23a311fba01d006119426715cd38fe3f1b654609
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6KJSM46ZH5WGX7MD
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e733
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063411_159_8595_19_0";dur=1
content-length
1220
x-amz-id-2
+KuUvzZzhF4wiAxZRm16/XHk8taZEfInMVzzNIt0I19T9Eup60ASkOQyz9+fS2MvchutG1guRnE=
last-modified
Mon, 05 Jun 2023 17:15:47 GMT
server
openresty
etag
W/"f447beffc7f3af5518739d1605a7a2c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
network.php
acesso.estadao.com.br/paywall/v2/ 		56 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://acesso.estadao.com.br/paywall/v2/network.php
Requested by
Host: acesso.estadao.com.br
URL: https://acesso.estadao.com.br/paywall/v2/paywallZephr/dist/pwz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4ff752324e06cef049f49cbf4d2a0d504e62e15352c06a44a6e131e3ab992411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
server
Apache
vary
Origin
access-control-allow-methods
POST, GET, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
56
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 10:05:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27549
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ptv5qzI+htwSi3K+Yih+eUW/0IpYJ5xjQYj4cxF33qQCHhr2nRMFm3m5O29hM9mF0jLs2iqdCHjld2V0Yudlbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
estadao-bi-ga360.appspot.com/ 		55 B
499 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://estadao-bi-ga360.appspot.com/
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
455f62ff5cae59f4aa0cc528fdd29029d90f936eee4065e1a28c9164c66ded52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
server
Google Frontend
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
x-cloud-trace-context
85b8bb5fe2f730a0c43b1dcd153d6dba
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
content-length
55
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Jun 2023 10:05:15 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4LH38R&l=dataLayerEstadao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 08:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5388
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 06 Jun 2023 10:35:27 GMT
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8865799
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4LH38R&l=dataLayerEstadao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea8bf757152b639724eb75efbec07c973ecc2c1eee7eb265988e939d2e065b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49263
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jun 2023 10:05:15 GMT
loader.js
contributor.google.com/scripts/4bf17be8bde94e5a/ 		0
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/4bf17be8bde94e5a/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4LH38R&l=dataLayerEstadao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4PvnyBfZEKFePU74B0az7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-4PvnyBfZEKFePU74B0az7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
x-content-type-options
nosniff
date
Mon, 05 Jun 2023 12:14:33 GMT
age
78642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 04 Jun 2024 12:14:33 GMT
ivc.js
ivccftag.ivcbrasil.org.br/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivccftag.ivcbrasil.org.br/ivc.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:dc00:16:3843:2d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 21:13:37 GMT
content-encoding
gzip
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Fri, 23 Aug 2019 20:50:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
46360
etag
"cdaa61cbc24c48191196b45b31a7e18b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
24321
x-amz-cf-id
etH8wt6EkDU_YMYlDNSK7zyo_RF8DwWupdjAEsIYIfFwadVKRVeqRQ==
x-amz-meta-s3b-last-modified
20190823T204654Z
evergage.min.js
cdn.evgnet.com/beacon/saoestadodespaulo/estadao_prod/scripts/ 		274 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evgnet.com/beacon/saoestadodespaulo/estadao_prod/scripts/evergage.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4LH38R&l=dataLayerEstadao
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bcf66e65c9276354c8addb9b0933243f1bbe6e3defd3653a3e9bce8f775e6ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
HbyGi6cjoSumpkE.ZgKw9bGm0NPZ8KxC
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 06 Jun 2023 10:05:15 GMT
x-amz-request-id
XXFQBPHJENWDSRYJ
age
87
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
PENDING
content-length
51974
x-amz-id-2
1nEMq4tyN6NAWwamEjQQh7t6rR0083ttdcsCPZEck+Zcgc54lKvMUfhKsxIGp4V+J84HOXkGLjA=
x-served-by
cache-iad-kcgs7200176-IAD, cache-fra-eddf8230066-FRA
x-amz-meta-evergage-sum
457f1a029a36bc0d7e830d2b2e251beb95cc546c
last-modified
Mon, 15 May 2023 22:40:21 GMT
server
AmazonS3
x-timer
S1686045916.722330,VS0,VE1
etag
"1f1e8c542a66275d436ec2ecef930bb0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
189406, 1
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:3c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 00:57:30 GMT
content-encoding
gzip
via
1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
32865
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4JBN3NdMkOZ57cVS0Z-yGDoozsiXPJs5O2yS5g-k_m2sz_CiLFOEQw==
expires
Wed, 07 Jun 2023 00:57:30 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:3c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 01:35:12 GMT
content-encoding
gzip
via
1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
MUC50-P2
age
30603
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Ylezv82pxREJcenrWQFu2e4oBLIiImyS2X8QOIfdxQOsAA8W9gm0Bw==
expires
Wed, 07 Jun 2023 01:35:12 GMT
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 10:05:15 GMT
Content-Encoding
gzip
x-amz-request-id
GM4B1NQNW0ZJMM9G
x-amz-server-side-encryption
AES256
Connection
keep-alive
Server-Timing
ak_p; desc="1686045915668_399430986_39827486_12_894_6_53_-";dur=1
Content-Length
11777
x-amz-id-2
JUY4j2JQX6TmU6BfVXbpccqoGID27l36CQFfMD6inuaUAB38jcEySYT575muiF30e82k/ReTr0U=
Last-Modified
Thu, 26 Jan 2023 08:01:29 GMT
Server
AmazonS3
ETag
"b0e78687523f348c2240034a51df837d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=519
Accept-Ranges
bytes
Expires
Tue, 06 Jun 2023 10:13:54 GMT
64.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/64.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
075b4c0629bf7939a0246f27a6c7bf4261d86d5a52f84e2dfa8eea21198dc714
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M59T04SWJTEQHF1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e82c
server-timing
cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="468346_400124423_1870063660_2204_6723_18_0";dur=1
content-length
2409
x-amz-id-2
agKj83qeQrODy0rfg+OQRjAiS90lyy1Nf5M1wV49397DbVfdv2xkYOJ+uwj1XuLU7C5RDOME6EE=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"81b363aa9a9e5c3d5267d2360c00cdb5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
1.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/1.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
45b72058336e30776196d4e99b4d1fa5ca5e8feb82e431c62580046339b43d73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M51Z8DR5MGX6JX1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e834
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063668_77_8344_18_0";dur=1
content-length
14087
x-amz-id-2
PWv34T/YB5ha0Cl6k+yrm/1ha52HycxFROt6DWuoq7Ha1VZSvouhIr6s4OcyRB+utt7eCVXt6IQ=
last-modified
Mon, 05 Jun 2023 17:15:47 GMT
server
openresty
etag
W/"6829fa02869eddd981c04e6b1841e306"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
20.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/20.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
361c0d27d0df2509db9f8b32232918949a5b0fd23b696dd33c8a67539dff7fa5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6KJJ55QN7E55E5DS
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e835
server-timing
cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="468346_400124423_1870063669_1628_7732_18_0";dur=1
content-length
18984
x-amz-id-2
Mie0Q14Wm5QtV+yVWFtB4kEMmMMbZlHPX59/UZkJikOftiQ9b3TATqW1rLlc4xKXUPBxdbwNoCA=
last-modified
Mon, 05 Jun 2023 17:15:47 GMT
server
openresty
etag
W/"4e1c260cae07458df6333ca12a61fbab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
272.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/272.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
50f9eb3321713fe39248e398910103635c08d68c5fdf1dffa83c627bbcafd6aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
TVE98Q8ZYRTHTFHX
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e836
server-timing
cdn-cache; desc=HIT, edge; dur=16, ak_p; desc="468346_400124423_1870063670_1597_6325_18_0";dur=1
content-length
4696
x-amz-id-2
lhcDzv/YOb+D70w8qXj2qWktuxDJI6kCpUr2O9VE7VwoOhz2phkvtGUJ82J2bFzwRe/nxfPiuj9xiWnGxXUtXoLnnSWy/KVohBHREgxNrgU=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"38e46fff15f45de1f5781fff81345699"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
282.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/282.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d43964b3c04dcd0ae6777a5d5303fcaeea833d55eae52b2269c8f0dea887a5d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M5FC97CCB6XYJAR
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e846
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063686_65_6784_18_0";dur=1
content-length
6614
x-amz-id-2
13vucCWsVRFJRYEyGhKcAOGVnu35AJjMI9WajnBayLTrYKQkMwHOpC/B5UQR0AuIhfTokW404yhRwKNus1HRVigfVZjIh2JO2nmdpiMwq3E=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"b2b6bcf3ba447cdb9b52e4c3ce7e7839"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
284.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		239 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
40a1034eaa4ea8e9a8675a15b8ebb6bc2cf1c1a6a18c80091d544b314f48284d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M5CR8MHTHMW8K4B
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e847
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063687_202_6726_18_0";dur=1
content-length
77123
x-amz-id-2
vXjBBLCs0EJDzf9shlPQimpkEmFd6gY438wW2nL6Ff2fakh8TdT9SDTNK805gwg6WzJXCEfPbzo=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"89d1b381b6327d1ce45e093e65375908"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
275.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/275.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6f2e6676e8ac771791e3bf7c2ec97273bbe40d2013193c6c5d752d439d28a659
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M5C1281Z0P4HJBZ
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e848
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="468346_400124423_1870063688_349_6705_18_0";dur=1
content-length
3898
x-amz-id-2
kCGCYwDKgR6XZklh6ERmtJ9BJE2CaF2iEBO2yIekOQL5u/513e9PupT5B/jT5EUENV0AzJ0voHc=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"68f385530e37d4a218a65aa05b86d7ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
0.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/0.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
56ede843515485268cdb2eb05dd591db6cd62188db25805295d056ce37078e10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M51G95SCNTRMV9A
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e849
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063689_68_6707_18_0";dur=1
content-length
15820
x-amz-id-2
i4QwPnIpOtqHmC27HhEuN6jg7nkBET3y4GOit9WhcGLrNZM6bq06m/QjcqMtVwB1uDllxJqiSjT99evr/5bGrg==
last-modified
Mon, 05 Jun 2023 17:15:47 GMT
server
openresty
etag
W/"01a0ffe100b61c6d2ef48b9e9349ef5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
5.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/5.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b8a6be2cc4a85e865a60627c58b9e1b55e76f137dd4877808bc89aef427de705
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
TVE09FT1GZ03M557
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e84a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063690_95_6680_18_0";dur=1
content-length
6251
x-amz-id-2
mWERchCT2bBVIqFNBU9Ycg/S9KPtr20SJhxYfOovIpBfVsp/ql7yrIwa/VLZ+F8pdh8jWhrbU2Amn69kq7yYKAZrwX+bNeXXDVd+xI5PspI=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"040c0ea13612e646cf59025abb8d7829"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
140.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/140.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7c2cdb2e5e76478fd17ba76b8fd25003652b0696fc17a7871403896be0e2f3d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
FKFD633XHTSFEE5K
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e84b
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063691_66_6760_18_0";dur=1
content-length
4083
x-amz-id-2
Um5dIMvbJzD8MNQxk4uxoZ+Kk0r0h4Ci5YAax6KimORVgWSksnqaBi7Xkqb3+LnLm0MGGRx+7W8=
last-modified
Mon, 05 Jun 2023 17:15:47 GMT
server
openresty
etag
W/"c5640c32d529114f061165d6aa6698da"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
246.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/246.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1e8b15b871cbe15d5dfaffc376b8dec1837f171bb451f960b378396bad9fc601
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
TVE968K8WC5W26B2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e84c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063692_83_6555_18_0";dur=1
content-length
7701
x-amz-id-2
9Y61LpjmwpxA9djK1Ye4byXQhtDtRwvKbKNOJtxBxDR0tH4t3YPOCKzFglMUP6nybOISMflE0x4=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"b0102b3753e248f12d95218b55edd63f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
65.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/65.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1a06b1d0c16ab8546ef110355aef80d5c7f4403b6a134dc7139f7287407ba3a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5M566NWDPWTGJRD5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e84d
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="468346_400124423_1870063693_530_6656_18_0";dur=1
content-length
1579
x-amz-id-2
Jz7AwD/l+QZu9/VbCE3SF3YjP8KmenzswhXwAa3zHOmj0bg2Dm32otfUie7oKgpvcBwAc00rTis=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"a6ca89960e3d24510dd22f9ef816628c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
menu.js
meu.estadao.com.br/static/js/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meu.estadao.com.br/static/js/menu.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/20.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34 /
Resource Hash
0faa22f0acefd48573d0c6966f96522c8c51f71081b46454b422dcdc8e7f6c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jun 2023 13:47:54 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
etag
"cee4-5fd25ccc778c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
17971
expires
Tue, 13 Jun 2023 10:05:15 GMT
28.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/28.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
624fcfb3cff1ea68bad06801e24d5e241c7e45858d7185ebab3b94de4f240731
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SBKD3A0Q5YF3V6FR
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e8d3
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063827_62_6307_17_0";dur=1
content-length
5939
x-amz-id-2
/THx8b063U3NBPjd8J3ErJaTk9zhayRm+bAthJ6L9JCuKK1RccTWNvy9D/kp4k39he0X8Zh08LwO8SGlvftBR/KyoEtWl8NLMLadO+mZeKs=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"d61d950f94169edfd954790052b9f455"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
31.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/31.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
ab41cfdce037c0f61ccd28dca33e140833caa31a94c27b52845797c887b7b120
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SBKEM8TNQY491ZZE
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e8d4
server-timing
cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="468346_400124423_1870063828_794_6214_17_0";dur=1
content-length
3335
x-amz-id-2
wKzHAQ0uJqSAt00wVlvQBaRPISWluoEm5Y78/tF9mFXR255qHgRhiHH8aU2QS+MtLwCaXO37SQ0=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"3797e2f03edd609dc71fb8e3d7bc328e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
46.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/46.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80c6bd0a6ff23a71f72cb8cbef1f71297d777c49e006726b24bc9880ca331ece
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SR1MMSRM98WR7KX3
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e8d5
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063829_95_6190_17_0";dur=1
content-length
986
x-amz-id-2
805drqOZD3pqVyeJBoLi+JhjfUYk3KNXynoSwqsKcm+Rgi3XyMGhN/TrKUeQaGrdbN8ALIGQ56c=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"ac96b5c3c464e8aa2c68e07e745e598d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
53.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/53.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2d89270e19b76a700b610dcc3a59954f5256bf0db238973b5409cf9f42705eac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SBK1Z2HXPV39SWEB
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e8d6
server-timing
cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="468346_400124423_1870063830_706_6203_17_0";dur=1
content-length
4221
x-amz-id-2
8qWqjURpyRhurfSoIa95eR5OqJ0fRseZwSP3oThTHrF3kSYjEd1ceepYNfP3G7OhFoG23c8Fk/g=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"32024d4429bd6dbc7e86b787150b2eea"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
63.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/63.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
754c4cf9e7f8d5dfcaf4add60d0abae70c772e4c8c0f69155e37445a5656a4d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6KJYEAANEFA8TTA1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e8db
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="468346_400124423_1870063835_180_5910_17_0";dur=1
content-length
745
x-amz-id-2
qijycKygdsPmz2fphpCd/AQdD5B7VM8hm4IOfvySDK4++1kyOQJAanIh+5oLj1kOVTiWjHRUH7ShXhETL1nw175q1ERzelOzgt2qzYOjBy4=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"55f5de03b1aeb4c72b1030338661ee18"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
279.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/279.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e37dbcfee5733a2bf7373f38c01bf585f11257d7a6b575f93036a940f5527061
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
P4FFB2XM508WN84Y
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e929
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="468346_400124423_1870063913_914_5662_17_0";dur=1
content-length
2142
x-amz-id-2
nKhI8qEpXPfGPW8+Aqsk7A+ftn+ljQygCKSryuIeJpUUdVfyW+LnXu66RdOCsAsJrTm6cwSI2SQ=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"331a8766c792cfe89e917f08224fe225"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
276.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/276.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b875c3331173223018e6f1ec5a0367e87aa2f530cbdab46f3236ad2305c0ade6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
2J955ERRG500WV5F
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e930
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="468346_400124423_1870063920_392_5965_17_0";dur=1
content-length
1938
x-amz-id-2
gWF5+oi8mrDJs9aTpA34Xtfm6V8f5h7savGrmDvNqK02u3bJ8nmTLmQIsCDV5XXJ5f8UvWHic3I=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"ebbfdf26dbd60fa3f8dd463c00d95e00"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
273.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/273.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
0d814ed3f95624259b86207a3197e8c9a443398e10c3b8c6935e04cf1281b61a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Tue, 06 Jun 2023 10:05:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6JKK5SDC407NF4NC
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045915.6f76e93c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870063932_40_6241_17_0";dur=1
content-length
3813
x-amz-id-2
4qNcoAzf8QUGuzYfS7mplYrygkP/KiUijcbxtJmHqJQd+V/fhm5jfV9M+ionHthQbe4Jwr8ZpZY=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"25a940944f90734fd8fd134e610d03f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:15 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
2000
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d2fd5ffbe079a05-FRA
expires
Tue, 06 Jun 2023 10:31:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/282.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c17b34145c5298cd94a9deb17dad2d3099e45103ad3014b0786abce530e12b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25223
x-xss-protection
0
server
cafe
etag
647 / 19514 / m202306010101 / config-hash: 435238587681776568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 10:05:16 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=96594070&t=pageview&_s=1&dl=https%3A%2F%2Fwww.estadao.com.br%2F&ul=en-us&de=UTF-8&dt=Estad%C3%A3o%20%7C%20As%20%C3%9Altimas%20Not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo%20-%20Estad%C3%A3o&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAEKC~&jid=928562958&gjid=1842873278&cid=1948286254.1686045916&uid=0&tid=UA-166963-24&_gid=992799289.1686045916&_r=1&_slc=1&gtm=45He35v0n81M4LH38R&cd1=0&cd2=Anonimo&cd3=Home%20Estad%C3%A3o&cd4=Estad%C3%A3o%20%7C%20As%20%C3%9Altimas%20Not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&cd5=Estad%C3%A3o&cd6=&cd8=0&cd16=&cd17=Estad%C3%A3o&cd18=&cd19=&cd21=Not%C3%ADcia&cd22=&cd26=ativo&cd54=Home%20Estad%C3%A3o&cd62=&cd64=www.estadao.com.br%2F&cd68=ativo&cd79=Not%C3%ADcia&cd80=false&z=612849617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
111 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 10:05:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
/IoUlhzCqw5pLmc5M2CLFKdwXC9n/EfqhEFmKBEIyBO1fBapCLVh2aGCZqX/nK45rPWEoCtdctz0BrNfvWnrMg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
1659995760901982
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1659995760901982?v=2.9.106&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35026e6d3d5278e8f572b8138a619ae9c37aa630fb411ead9199685b97435e6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 10:05:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110035
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UvVhUT6UYEfA/bxVpekBN0dS/8DpMVjOaoqzGpOkjvQWJtrfiBF8AriD8oe/ZoLOjCqw+bxzXmxcKypXiBcnDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
zephr-browser.umd.js
assets.zephr.com/zephr-browser/1.3.10/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.zephr.com/zephr-browser/1.3.10/zephr-browser.umd.js
Requested by
Host: acesso.estadao.com.br
URL: https://acesso.estadao.com.br/paywall/v2/paywallZephr/dist/pwz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-14.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98f3c146304d61e34da5e04cb32b628c58b401b7c01576d6c47f8f1ca6bea02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 15:05:43 GMT
content-encoding
gzip
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified
Wed, 10 Nov 2021 11:00:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
68374
etag
W/"55053cbc5cf4062ebe713185efced2ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ilmo22MCn5PZGX5esNdfCLjEOAVhGtd9aZdsQAo7Oy4Ys8oa33KATA==
AGSKWxUYoYcYnOxognK-4kN0mzj5J5x1csxKBRoEF4uH0pt2iyJkgs51ZSeVfBosc6ColMsPn3C0TObyn2TvaUKPTcY=
fundingchoicesmessages.google.com/f/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUYoYcYnOxognK-4kN0mzj5J5x1csxKBRoEF4uH0pt2iyJkgs51ZSeVfBosc6ColMsPn3C0TObyn2TvaUKPTcY=
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d920c16b54246e96d7003318332f4b7260da092bdad1c2720cfee879b6894c3d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3q3At_-KD0SBxdZD5fRqig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3q3At_-KD0SBxdZD5fRqig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=estadao.com.br&p=%2F&u=5l_ybQq_yHDabnZl&d=estadao.com.br&g=50621&g0=estadao.com.br&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11616&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.estadao.com.br%2F&b=3135&t=D_Z6YbDpEw8SNb8V7Cv_FuaJhyV&V=139&i=Estad%C3%A3o%20%7C%20As%20%C3%9Altimas%20Not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo%20-%20Estad%C3%A3o&tz=0&_acct=anon&sn=1&sv=Cv8PtnCutH_pBSLTaABYGFXwCO_xPZ&sd=1&im=067b0fff&_
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.165.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-165-221.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
estadao_prod
saoestadodespaulo.us-7.evergage.com/api2/event/ 		137 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://saoestadodespaulo.us-7.evergage.com/api2/event/estadao_prod?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJob21lcGFnZSIsInVybCI6Imh0dHBzOi8vd3d3LmVzdGFkYW8uY29tLmJyLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMTk0IiwiY29udGVudFpvbmVzIjpbImNhbXBhaWduX2lkX2xvY2FsX3N0b3JhZ2UiLCJtb2RhbF9jYW1wYWlnbiIsImN6X3VzdWFyaW9fYWIiLCJob21lX3JlY3MiXX0sInVzZXIiOnsiYW5vbnltb3VzSWQiOiI2YTJhNjU4MGE5OTljYjM1In0sImludGVyYWN0aW9uIjp7Im5hbWUiOiJIb21lcGFnZSBFc3RhZGFvIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W3sicHVycG9zZSI6IlBlcnNvbmFsaXphdGlvbiIsInByb3ZpZGVyIjoiRXhhbXBsZSBDb25zZW50IE1hbmFnZXIiLCJzdGF0dXMiOiJPcHQgSW4ifV0sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjkxOTU5NTQzODI5NzM0NTIiLCJleHBsYWluIjp0cnVlfQ%3D%3D
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/saoestadodespaulo/estadao_prod/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.165.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-165-208.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1db9ec9ad08b811405f3bbdd65a11035a33fe9198c84a92f31a9cde6808e1f98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-credentials
true
timing-allow-origin
*
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		159 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=estadao.com.br&domain=estadao.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be45eeffe221ed0b800d06a1291f053ce5ea8838276c8cd65aa1f3c20ec53afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits
1
date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
1796
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
123
x-served-by
cache-fra-eddf8230054-FRA
x-timer
S1686045916.444773,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 04 Jun 2023 09:35:20 GMT
327.chunk.js
www.estadao.com.br/pf/dist/components/combinations/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/pf/dist/components/combinations/327.chunk.js?d=772
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/default.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8265e4e2d0c56544cca08095561aa823acfc3976159d4468c21887356985236a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6KJQ515W1XSZVHAZ
x-amz-server-side-encryption
AES256
x-arc-request-id
0.076ad917.1686045916.6f76ebf2
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870064626_41_9176_17_0";dur=1
content-length
1292
x-amz-id-2
E5MuHgYFMG0SutDBsINeXPE7jhCmyqLRxof4qs9IqgmRH88DiUjVM0IlWNmDrf+uG9Nh/fYJcOxmYo/fprL+qXgodWptpA06QEK5obrljpg=
last-modified
Mon, 05 Jun 2023 17:15:48 GMT
server
openresty
etag
W/"19523fdbc78d2854fa9311531597d176"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 05 Jun 2024 10:05:16 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-166963-24&cid=1948286254.1686045916&jid=928562958&gjid=1842873278&_gid=992799289.1686045916&_u=YEBAAUAAAAAAACAEKC~&z=1258156576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
23902
tag.navdmp.com/u/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/23902
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b6fb0b978f8ea0d1b40c1250fa30179e99d36a4dce4381d51e14bd979c9d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 05 Apr 2023 19:36:42 GMT
server
cloudflare
etag
W/"642dcdca-108b"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7d2fd601d8e19a05-FRA
expires
Tue, 06 Jun 2023 11:05:16 GMT
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1686045916492&e=pv&url=https%3A%2F%2Fwww.estadao.com.br%2F&page=Estad%C3%A3o%20%7C%20As%20%C3%9Altimas%20Not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo%20-%20Estad%C3%A3o&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=4&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=e9ffdfc3-d11b-4e68-a1d4-bf96a1ceea88&dtm=1686045916488&vp=1600x1200&ds=1600x11616&vid=1&sid=851b8282-ac3f-49a7-b4a4-839b542333ee&duid=7abb4424-89e0-4ac9-afba-14cef822eadd&fp=2089822997&uid=login_do_usuario
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.54.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-54-47.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 10:05:16 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
44AOFZWNEZBN5LJCXTIPAR6S7U.JPG
www.estadao.com.br/resizer/aqOGQUgiwge3KSPJ5vBSxRMRSmo=/404x228/filters:format(jpg):quality(80):focal(3492x1235:3502x1245)/cloudfront-us-east-1.images.arcpublishing.com/estadao/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.estadao.com.br/resizer/aqOGQUgiwge3KSPJ5vBSxRMRSmo=/404x228/filters:format(jpg):quality(80):focal(3492x1235:3502x1245)/cloudfront-us-east-1.images.arcpublishing.com/estadao/44AOFZWNEZBN5LJCXTIPAR6S7U.JPG
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b47cb26cc6c5b06c2eb05ca33610f6f5081f24f9608c0b92662f7d2b83c3d40f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 06 Jun 2023 10:05:16 GMT
last-modified
Tue, 06 Jun 2023 06:18:57 GMT
server
Akamai Image Manager
x-serial
1327
x-check-cacheable
YES
etag
"3820be3f9a179883e2e256e2c99427b6126e7df0"
x-arc-request-id
0.076ad917.1686045916.6f76ecee
content-type
image/avif
cache-control
private, no-transform, max-age=31522407
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468346_400124423_1870064878_62_12998_16_0";dur=1
content-length
5328
expires
Wed, 05 Jun 2024 06:18:43 GMT
2ILEAB4M7BCSLBPNSK37PQTBWE.jpeg
www.estadao.com.br/resizer/IrRUqo5XgmX2vOG5w0DcF7ktWdg=/404x228/filters:format(jpg):quality(80)/cloudfront-us-east-1.images.arcpublishing.com/estadao/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.estadao.com.br/resizer/IrRUqo5XgmX2vOG5w0DcF7ktWdg=/404x228/filters:format(jpg):quality(80)/cloudfront-us-east-1.images.arcpublishing.com/estadao/2ILEAB4M7BCSLBPNSK37PQTBWE.jpeg
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a7344e2195cba594b121cc0c4de2c5c2686aa9c42546a83571c165ac903cded8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 06 Jun 2023 10:05:16 GMT
last-modified
Tue, 06 Jun 2023 09:27:20 GMT
server
Akamai Image Manager
etag
"98c5e7f5b52499a335929dd39c0467760bcb8562"
x-arc-request-id
0.076ad917.1686045916.6f76ecef
content-type
image/avif
cache-control
private, no-transform, max-age=31533714
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="468346_400124423_1870064879_152_12894_16_0";dur=1
content-length
6625
expires
Wed, 05 Jun 2024 09:27:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 		406 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2356
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128351
x-xss-protection
0
server
cafe
etag
10410007902637205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 05 Jun 2024 09:26:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
438fcfd0955ec329b6ec54c4da63ed607fe8b8924993a4f74fdad9bdb13f41d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
456
x-xss-protection
0
expires
Tue, 06 Jun 2023 10:05:16 GMT
821886085397456
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/821886085397456?v=2.9.106&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
69618a1494956d7752234a4f1ab8b328372758cbf56f7f3ccfcbddc253d75784
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Jun 2023 10:05:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88040
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4giiCjYQSQDx9Uhf0zN4k2kWfUdVltl4zfduBtcKOKZdINr9JiJgSbuC0YVx8ftvGjGhtAG9ai5u6Ry5f5Jsrw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1659995760901982&ev=PageView&dl=https%3A%2F%2Fwww.estadao.com.br%2F&rl=&if=false&ts=1686045916598&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&fbp=fb.2.1686045916595.426151011&cs_est=true&it=1686045916211&coo=false&rqm=GET
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Jun 2023 10:05:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
config.json
c.go-mpulse.net/api/ 		51 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=J2G3L-SMB6G-B69RJ-UUV35-4GCDX&d=www.estadao.com.br&t=5620153&v=1.720.0&sl=0&si=09fd7806-6312-49a7-8e0c-6c1e3baf28f9-rvttcp&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=765515
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/J2G3L-SMB6G-B69RJ-UUV35-4GCDX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:48a::11a6 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8ac1ca14f9c577606b731b8e32d5c885a157f46448c3cec74f5abdc712e42d5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 10:05:16 GMT
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Server-Timing
ak_p; desc="1686045916649_3088707422_2993098_22635_2176_16_20_-";dur=1
Timing-Allow-Origin
*
Content-Length
51
AGSKWxUaGcFWDRBASYfG00ukzf4MVR6zgtjP9fHQQf94IPnrSZQT1U06paIaC3AZzBOROm2ddiJ_r6Vz7GtM3RkqlYM=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUaGcFWDRBASYfG00ukzf4MVR6zgtjP9fHQQf94IPnrSZQT1U06paIaC3AZzBOROm2ddiJ_r6Vz7GtM3RkqlYM=?pvid=F06DA701-0FD1-43BE-AD97-49B8426431C6
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SvRZWTjypusAEkVlPPG63w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SvRZWTjypusAEkVlPPG63w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.estadao.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWh6wX_n9dmOwT7UNdOvMO5x5DTcN7g1Cm5G8NyyIhAEAqCZg23nSVytdmvOd-Nz4F5Gx_Fyvj9GGpABNpBIyY=
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWh6wX_n9dmOwT7UNdOvMO5x5DTcN7g1Cm5G8NyyIhAEAqCZg23nSVytdmvOd-Nz4F5Gx_Fyvj9GGpABNpBIyY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2MDQ1OTE2LDY1NTAwMDAwMF0sIkYwNkRBNzAxLTBGRDEtNDNCRS1BRDk3LTQ5Qjg0MjY0MzFDNiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmVzdGFkYW8uY29tLmJyLyIsbnVsbCxbWzgsIk1EUmVLLW5qVmtjIl0sWzksImRlIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjAiXSxbMTEsIltbXSxbXSxbXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26fc52c3b08aeb46d9e6d05b64889fca0edd84517ed242ef4caf0c408a7b9141
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W6tN0GK2OGNvlTedg925Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-W6tN0GK2OGNvlTedg925Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-166963-24&cid=1948286254.1686045916&jid=928562958&_u=YEBAAUAAAAAAACAEKC~&z=459502968
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-166963-24&cid=1948286254.1686045916&jid=928562958&_u=YEBAAUAAAAAAACAEKC~&z=459502968
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
features
www.estadao.com.br/zephr/ 		245 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/zephr/features
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.10/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
CloudFront /
Resource Hash
fd77a3cad927539289590c62656a603a6028917e2edb9e7d2ef716783bcb8289
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

akamai-true-ttl
-1
date
Tue, 06 Jun 2023 10:05:17 GMT
content-security-policy
upgrade-insecure-requests
x-blaize-request
ffffffffdd08379f
server
CloudFront
x-amz-cf-pop
HAM50-C3
x-arc-request-id
0.076ad917.1686045916.6f76ed59
content-type
application/json; charset=UTF-8
cache-control
private, no-cache, no-store, no-transform
server-timing
ak_p; desc="468346_400124423_1870064985_64538_7870_14_0";dur=1
content-length
245
x-amz-cf-id
8CJz4ACP_0dk6flth03iCfsLGU5BRoxXNfda3a82BESokeJ_ftIqWg==
expires
Tue, 06 Jun 2023 10:05:17 GMT
usr
usr.navdmp.com/ 		75 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=23902&u=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47fbd79c0812f3224213d4e7a6c9dd6658bde9c400de95664d23e855c9eec803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
public
date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
7d2fd6037aeb9a05-FRA
expires
Tue, 06 Jun 2023 11:05:17 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a783ec3c6ac26287653f9cd32aa7c482b7eb74d2ec99aafd436760a40786244d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:17 GMT
AN-X-Request-Uuid
3f8c41b5-0493-4cf0-b28c-1545f733cc11
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		415 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14044&site_id=70010&zone_id=334044&size_id=15&alt_size_ids=15%2C2%2C2%2C19%2C19%2C43%2C43%2C44%2C44%2C55%2C57&rf=https%3A%2F%2Fwww.estadao.com.br%2F&tg_v.assinante=false&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.adUnit=%2F118650305%2Fgeral%2Fhome&tg_i.pbadslot=%2F118650305%2Fgeral%2Fhome&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7080dc2f-1be9-4757-b0a2-cf0c7f5598be&l_pb_bid_id=471b3446e1b56f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F118650305%2Fgeral%2Fhome&slots=1&rand=0.6477353438497178
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
264dfa80472fdd83ee9e97974728469877af782bffec3009db5ed2470be8bc42

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
415
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6af8795bcbbac59303187b7d433b91bffe951dfac6be765c3383a804178d793b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:17 GMT
AN-X-Request-Uuid
553ecfa7-fc25-47b7-85e0-3b2d4918c148
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
v1
prg.smartadserver.com/prebid/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		415 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14044&site_id=70010&zone_id=334044&size_id=15&alt_size_ids=15%2C2%2C2%2C19%2C19%2C43%2C43%2C44%2C44%2C55%2C57&rf=https%3A%2F%2Fwww.estadao.com.br%2F&tg_v.assinante=false&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.adUnit=%2F118650305%2Fgeral%2Fhome&tg_i.pbadslot=%2F118650305%2Fgeral%2Fhome&tk_flint=pbjs_lite_v7.19.0&x_source.tid=076ef7ba-8c13-41ed-9ad8-fd7a7c1bc704&l_pb_bid_id=16b1b7a6fb41dc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F118650305%2Fgeral%2Fhome&slots=1&rand=0.3288548998637908
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20235ab2ff67b3d7408fc8b0ab29b3573a7f6ee40b5c3a95562e75f1485af601

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
415
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
501f3f2b006d154e68a17ed5dd9de04c84210b9c5303946eab87232a21da684c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:17 GMT
AN-X-Request-Uuid
a62cce11-4746-423f-81ac-406313dcd6ae
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14044&site_id=70010&zone_id=334044&size_id=15&alt_size_ids=15%2C19%2C43%2C44%2C282&rf=https%3A%2F%2Fwww.estadao.com.br%2F&tg_v.assinante=false&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.adUnit=%2F118650305%2Fgeral%2Fhome&tg_i.pbadslot=%2F118650305%2Fgeral%2Fhome&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5d356a32-c983-4b6c-b539-b0cab8a9d2c4&l_pb_bid_id=22e15f5669d4217&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F118650305%2Fgeral%2Fhome&slots=1&rand=0.11168980788986604
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
95a9f78175dab8d5985655a5696818f7ca60993c14dd4388b22e4139c7610c73

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f08994b70b784f24623446e579cc92b6015943a3db60f72acbe946a2cf8eddc1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:17 GMT
AN-X-Request-Uuid
514ba628-64ff-47b4-b12f-29c3de97e387
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 20 May 2023 09:30:55 GMT
content-encoding
gzip
age
1470862
x-guploader-uploadid
ADPycdulo62n1Oz3OsP18omM7Whzc8GGJLsUOW8hRKueo04UFAsHphh0sQrfyUH2LYgBzdVpvOez23Ksj_TnHOEACBWSrQ7WPdtv
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 May 2024 09:30:55 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Jun 2023 10:05:17 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Jun 2023 10:05:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
38744
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230124-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
S9JX37CDGCGPM1K6
age
1354
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7d2fd6051cf79280-FRA
x-amz-id-2
LEZHPh/M8YcieToZefnLggoRbQozK4vyVBqIFpM92t9ZTc/REr8IBauyCTgZhZVB0tZvCJ65eXcvzpRqF9ZCgw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:23:16 GMT
via
1.1 google
age
2521
x-guploader-uploadid
ADPycdumkp2_d4R86S-iylLhMe6QrCF0ehNFiSgZi4EaQfycgztdpDQxl7OXxG9FqMIMeURRIArlxUTWCB_izz4Q_pOhmB-ywnU0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Tue, 06 Jun 2023 10:23:16 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 05:58:55 GMT
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
14783
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
IgqOm2FYoCy1WCNETY_LVU7JrM0qWhPu6cSf0quwiMB7gvWfwch2Zw==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-34.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 20:50:11 GMT
content-encoding
gzip
via
1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
47707
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
iV-4cmrxTqEHpNOdZOnvPE_esKZ6D-jZ94Xi_B0cegq5WSdwzK-SFg==
pr
saoestadodespaulo.us-7.evergage.com/ 		0
441 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://saoestadodespaulo.us-7.evergage.com/pr?.top=695&action=Homepage%20Estadao&.tt=646&.ttdns=54&.dt=2317&.btdns=18&.bv=16&_ak=saoestadodespaulo&_ds=estadao_prod&.scv=194&channel=Web&_r=091734&.anonId=6a2a6580a999cb35&_anon=true
Requested by
Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/saoestadodespaulo/estadao_prod/scripts/evergage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.165.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-165-208.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.estadao.com.br
date
Tue, 06 Jun 2023 10:05:17 GMT
x-content-type-options
nosniff
timing-allow-origin
*
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=821886085397456&ev=PageView&dl=https%3A%2F%2Fwww.estadao.com.br%2F&rl=&if=false&ts=1686045916981&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&fbp=fb.2.1686045916595.426151011&it=1686045916211&coo=false&rqm=GET
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Jun 2023 10:05:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.estadao.com.br
date
Tue, 06 Jun 2023 10:05:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp&cc=1
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8241defb65626705329e2e6e6b19eeeb6738ec84f3eb1be9ac41e429bc2a6564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-XK880/7RyqGRh2WC3OtPOPltxkI"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 06 Jun 2023 10:05:17 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.estadao.com.br
location
/esp?url=https%3A%2F%2Fwww.estadao.com.br%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
098a33c0b1816d65a330a72638964ce895c157b848d0f9394a437e8e3fc296ee

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
2ea0f48e69c850cd3adcd773dd369fb4
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.estadao.com.br
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 06 Jun 2023 10:05:17 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
3e053e1ce5dc3ffded42837dd5d775ba
map
bcp.crwdcntrl.net/6/ 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.250.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-250-26.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1286fa6ae80b71f1d063e228e153dee0e32f0baa407af4ce1ef7932256b72712

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache
x-server
10.45.16.142
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame F40F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.estadao.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:16 GMT
server
Kestrel
server-processing-duration-in-ticks
426297
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b4ed0763299385d25544aa45bdc0d50890c090d816abfb056b17d89e7509e9c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:17 GMT
AN-X-Request-Uuid
668f6af3-1e85-4010-add8-04d4fd69b17b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		412 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14044&site_id=70010&zone_id=334044&size_id=2&alt_size_ids=2%2C19%2C43%2C44%2C55%2C57&rf=https%3A%2F%2Fwww.estadao.com.br%2F&tg_v.assinante=false&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.adUnit=%2F118650305%2Fgeral%2Fhome&tg_i.pbadslot=%2F118650305%2Fgeral%2Fhome&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c3e05a50-4778-4cc7-9f34-c8e47eedaab6&l_pb_bid_id=28af3c0eabb8a2d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F118650305%2Fgeral%2Fhome&slots=1&rand=0.5009747463309926
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/pf/dist/components/combinations/284.chunk.js?d=772
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eb21d172c20392fcc85472786afcd4d6814991eea434b1bf04527c3719de0f9e

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
412
expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
/
www.facebook.com/tr/ Frame 25A8 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.estadao.com.br
Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.estadao.com.br
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:17 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sid
mug.criteo.com/ Frame F40F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=estadao.com.br&sn=ChromeSyncframe&so=0&topUrl=www.estadao.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=I-OSmHw2QzlXNHlxQy9yWEliWkdJbVRXcnl3MjRiQ0V5Q0RnL1VmUFFGcnNPaWI3MGV2OHhxazQ2amJHdk5JYmViS0FZdkFieTd0czBZOGNiaG1YbmJ3Z3V6dTZ0OWgxOUtLaHIwbVorWWIraHMxM0pzalpNQ1l0MVFPbH...
431 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=I-OSmHw2QzlXNHlxQy9yWEliWkdJbVRXcnl3MjRiQ0V5Q0RnL1VmUFFGcnNPaWI3MGV2OHhxazQ2amJHdk5JYmViS0FZdkFieTd0czBZOGNiaG1YbmJ3Z3V6dTZ0OWgxOUtLaHIwbVorWWIraHMxM0pzalpNQ1l0MVFPbHpWOUJNQUZlTWtMbHNMaDlIVVBOWnp6ZVlaT1h2Y0orZ2JrRFZBQmRTdnFzQkZ1bGVROE9NdTdobWVoRHZoSEl3MHgzSmdZTWFMM3U5VlJCekZrMFJoS05ibi8yKzlUN2MvcC9ySVFmMEY4YzJ3RHErR1JJNTVwa1NMNjNZWmpZbDdid3dFQ3BiQXQ2SWdhOXVjbzA5MUxSYkVPU2gwTHd0dUlHeWwwMjJEUjVtdlhUU0N0ST18&cppv=2
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c895952f513ee38f2dafa11bc2a0692b28faf8067d5d2efc9a797369c820bb28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1328676
expires
0

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=I-OSmHw2QzlXNHlxQy9yWEliWkdJbVRXcnl3MjRiQ0V5Q0RnL1VmUFFGcnNPaWI3MGV2OHhxazQ2amJHdk5JYmViS0FZdkFieTd0czBZOGNiaG1YbmJ3Z3V6dTZ0OWgxOUtLaHIwbVorWWIraHMxM0pzalpNQ1l0MVFPbHpWOUJNQUZlTWtMbHNMaDlIVVBOWnp6ZVlaT1h2Y0orZ2JrRFZBQmRTdnFzQkZ1bGVROE9NdTdobWVoRHZoSEl3MHgzSmdZTWFMM3U5VlJCekZrMFJoS05ibi8yKzlUN2MvcC9ySVFmMEY4YzJ3RHErR1JJNTVwa1NMNjNZWmpZbDdid3dFQ3BiQXQ2SWdhOXVjbzA5MUxSYkVPU2gwTHd0dUlHeWwwMjJEUjVtdlhUU0N0ST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
339975
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=12cfebdc42ce085f6f56009a4510%7C0&acc=23902&tit=Estad%25E3o%2520%257C%2520As%2520%25DAltimas%2520Not%25EDcias%2520do%2520Brasil%2520e%2520do%2520Mundo%2520-%2520Estad%25E3o&url=https%253A%2F%2Fwww.estadao.com.br%2F&upd=1&new=1&h1=Estad%25E3o%2520-%2520Portal%2520do%2520Estado%2520de%2520S.%2520Paulo
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7d2fd606aed39a05-FRA
content-length
6
content-type
application/x-javascript
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2631452890274016&correlator=1949005366424403&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=118650305%2Cgeral%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=301164229&didk=362481273&sfv=1-0-40&prev_scp=publisher%3Darc%26formato%3Dhtopo%26assinante%3Dfalse%26cluster%3Danonimo%26page_url%3Dwww.estadao.com.br%2C%26title-keyname%3DEstad%25C3%25A3o%2520%257C%2520As%2520%25C3%259Altimas%2520Not%25C3%25ADcias%2520do%2520Brasil%2520e%2520do%2520Mundo%2520-%2520Estad%25C3%25A3o%26pg_tipo%3Dhome&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1686045917273&lmt=1686045914&dlt=1686045915178&idt=1527&adxs=315&adys=375&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.estadao.com.br%2F&frm=20&vis=1&psz=1000x257&msz=970x0&fws=4&ohw=1600&ga_vid=1948286254.1686045916&ga_sid=1686045917&ga_hid=96594070&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6f2rgYkxSABSAghkEhkKCnB1YmNpZC5vcmcYzf6rgYkxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOn9q4GJMUgAUgIIZBLCAQoIcnRiaG91c2USrAFEb002TDdFaG1yVFlxU3VDM3RIQ2lVRngzdHJzSFd2SXFSNm1tTkJjeGFZekFtNDlvUklFSnRuL0VCNVprSDcxYm1pOGxJcGRObVV0TFZJaWIrdGExTTlyL1NMRC9sSmFOMzFXVFBqRnhJdU5JempSYlpkL2c4MTlBNDlhKzE2RFNFbStFaHVacXVmSGxvbDhKYWhuS0IyUDYwWXYzSXh4ZFlIK3dwWmxXNDA9GMz_q4GJMUgAEhQKBW9wZW54GOn9q4GJMUgAUgIIZBIZCgp1aWRhcGkuY29tGOn9q4GJMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ysf-rgYkxSABSAghq&cbidsp=CnEIARIZCghhcHBuZXh1cxDKASACUghhcHBuZXh1cxIWCgdydWJpY29uEGsgAlIHcnViaWNvbhgCIiRjM2UwNWE1MC00Nzc4LTRjYzctOWYzNC1jOGU0N2VlZGFhYjYqBAgDIAAyB3Y3LjE5LjBAvAVKAA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7188ac20eb2c53f42443f03697e9afb6f2d3034cab150b5c99c54aaa2ba12014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11571
x-xss-protection
0
google-lineitem-id
6275671676
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138430161781
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 53D4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:17 GMT
expires
Wed, 05 Jun 2024 10:05:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
feature-decisions
www.estadao.com.br/zephr/ 		11 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.estadao.com.br/zephr/feature-decisions
Requested by
Host: assets.zephr.com
URL: https://assets.zephr.com/zephr-browser/1.3.10/zephr-browser.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::17d9:6a0b Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
847f4070489596cc07dd074e1eade2f31684c5affe739bfe11e55d3a77ca8549
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
application/json
Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

akamai-true-ttl
-1
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
HAM50-C3
x-arc-request-id
0.076ad917.1686045917.6f76f0ec
expires
Tue, 06 Jun 2023 10:05:18 GMT
server-timing
ak_p; desc="468346_400124423_1870065900_65605_4295_17_0";dur=1
content-length
3315
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-amz-cf-id
KxBplBungm6tEwXf-LtSErhiV66jiJKsMlUYB9Vgyxyt6zHr4WXBwg==
x-blaize-request
2b3212ed
view
securepubads.g.doubleclick.net/pcs/ Frame 10CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcyH05_toj1oamJqCtYzfTStsJQB51bhtDSBZLNCtbLUbp73Ax5xDtJ3OGJqwcuNTErZvC33-QLfKvEuKmxAzq85ikmEhre2DD8PxcalnVDxx-yRUbgHNh5qkWwjm0uA3ZRv31SRaAaYv55nPP__FVp9WruFf_6UJAuUpoQ-srWtndAcdg4BvMkOy4PdZUSGXAYmqDwkyDbgRL0Fu6WyURd6KjZFiyVxX9bxOudaZWBWnsWTEnsdTwbff3LSkxuuW1LNJ_JHnG9SPT9jsJw346kSGvXKjLyV3mFN_qY8cZO1mX6cxL3Kpb51uhZUg3ey3-n7u5Ew&sai=AMfl-YS8WRaZcIJDCYPT8H76FH9Mtfx23LOpZJwPGj2s0wTT_Qh47tXRbCLT-4nmCjdjAV2N3qR_uNksHmr8OUdt8cF_a3f6W_JVPq0iFtFatHLt3mZ5kcE-YgxVw0stF8vraDrQ6XxkzprfGPdYGQU&sig=Cg0ArKJSzPLnI5nBcKTSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 10:05:17 GMT
b011a71ddc6eaf10c1f5a171.js
banner.boostbox.com.br/integrations/script/ Frame 10CA
Redirect Chain
  • https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
  • https://banner.boostbox.com.br/integrations/script/b011a71ddc6eaf10c1f5a171.js
353 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/integrations/script/b011a71ddc6eaf10c1f5a171.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c5b41177fc9061603faf620c6882eaa7221158cddf0f9d1164a9c4262beae0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
65941
etag
W/b011a71ddc6eaf10c1f5a171-b9d7bdbbbb937a8f83c30d55e3e4e8a9
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4QMMz9%2B%2BLHnLzb4LUiImFknWaHGOmilalIKfHmWd5YqHT3ldkfGPCh4j3zSqVe1XWBrORK9%2Bf273hd36cijb9sRI73msO8MEvdVfYwkd0muxLYQWIGvERSWUl8wJ2w0nH51peOUfKmzs8GMX8rUnwTDDXzl"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=30, s-maxage=86400, stale-while-revalidate=1800
cf-ray
7d2fd60a9f5c5b68-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 06 Jun 2023 10:05:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m35W%2BX7aRK4dTqSjLuRp%2BWyCpGnbWRXrL%2F4J%2FyBRdUeAqHVxZfSzdOhoVVyPw2glkKy%2F7fM%2BUYRAzsNrlVguSGDMKTxfwEZ9mv2izz8ijddRO6%2Bnp1D1KCEGKkUtuNHhlf2n9aZQyRJNrl8YZQFw4Yl8g7Ko"}],"group":"cf-nel","max_age":604800}
location
/integrations/script/b011a71ddc6eaf10c1f5a171.js
cf-ray
7d2fd6082d7f5b68-FRA
alt-svc
h3=":443"; ma=86400
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10CA 		173 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55245
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685965250302189"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 10:05:17 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame FA8E 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 06 Jun 2023 10:05:17 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.estadao.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
/
www.facebook.com/tr/ Frame 5131 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.estadao.com.br
Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.estadao.com.br
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:17 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60b6f6937de-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnYX2%2BwCnVczktAvZyDkLaaK%2Ff9UFNOMQzFN4zbxsq7H1rZ4qBgHVChCw5aLhrGhxNmkPDtU3qLpfXiOLlnAhsEL4cxLL2ovkemHzZTcsi5prIa%2By00AR9XUXmValQRWQosp8HhsjRnWvRZkOevgers%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60b6f6a37de-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swppzu1SYGe9lTLP1vLdFmuFS3oehdh55CEyqMJay5hIfDB5Pm%2BX%2BsAaMBLfXxrF4vv5rhe12suqy5iRFNCZoN9G%2Bs5Qlz6Mu6fEjeRn2xybW22ilFtDK4cUX3lOoeuTuDv9pLkU8RTzN%2BwazRLeUkU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVyfw%2FRPX3FGi1nVj%2Bn0otDKdyJGtWZZunoHKHOPNCuX44589vGORavBE9W0sBmte8mNrJAtmGECAnFT7LrJ6zpONHOFqHOEdLJxoWZnCalzZYj%2BiTRm3XccAjJ3z%2BvPQcEv1js%2B2IU%2B8T9tGxnHXQ0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60c184737de-FRA
alt-svc
h3=":443"; ma=86400
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3Mndli4jnhS6UWtLZCgcOBy2iPnWTEKlxEtFvfSdmwFXQTWi58NYr5DulHgPbXFgahvKDiTBkL6MnU7EeOZwdDrNbHBAnTNGZJAVZrxnUb%2B8pjx0M%2Buq8F1n6OvumTa80UWhW6kpqNcNwfnuZgKlFg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60c184c37de-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ Frame 10CA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4f4ae405a403a37898641788347e71cbb0ffa29a5777b6ab0cfb9b5cabf26a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 10CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9Ex2O7ZNOgFchJk9iJuMlFBK6cXD0gTuRYjH5NFe_KzB2_fvWxjFkbASVgReuKvLjjxwyqtCe3iG-0Cx409DhhdmrbHRuT3l6pSv0_8pvbmjnvXnvoOwmF2uLuNOUXp9r55uxUM-gxDo1Vzc4-cqF1fkf7C-gR0sgWJtP-lNflpGc63Rmpj2I5gVleHvsApTBwf7ad0Z1m8zGa8oNAeqx3YevtqWQ7Pq73WStjFRfV4H116JznYxU0cEMizBzeR4YNEwp1NjbU1ADx9KvBI1XcA9FH3bFHwqcGDxPKYdW-RAtB0WJKXcSVftgw9tltmctt2B0bdYK&sai=AMfl-YTPG-VZucBvIyhMk3V6ppKcCMnvgZzSURFC3kP_Iwic0OpiE4OmFe8-zc8WBBGR70ba1YAe2LNnkownBcbWe9feIseqpF3HByuR2WNW9RF-w2yXxKbPi1qX9EdNVvp_ADlRU5hSidJS26F6480&sig=Cg0ArKJSzLB2TI0_bqW1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 06 Jun 2023 10:05:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cc9e1e5f6d6001d31be48d15dcf86820aef7a6ffd2b46f266b8e048a85d2e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11279
x-xss-protection
0
polyfill.min.js
cdn.polyfill.io/v2/ Frame 10CA 		422 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?callback=window.loadApp&features=es6,fetch,Object.values,Array.prototype.includes,IntersectionObserver,IntersectionObserverEntry,URL
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7860f086cdfc66e11ba5de52f71c671b537883dfb6a6f0de8a9dfe9f41c88b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 10:05:18 GMT
age
1549046
detected-user-agent
Chrome Mobile/114.0.0
useragent_normaliser
chrome/114.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
327
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 May 2023 00:17:37 GMT
fastly_service_version
195
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/114.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.9826505126421576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yrXmKMB9rG_g703qi_PxcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-yrXmKMB9rG_g703qi_PxcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.91445492346217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NnmSxJxq5lgQqfWK5mLipA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-NnmSxJxq5lgQqfWK5mLipA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60bafb737de-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTqdP5PTW3d9DvbAD6C74S5q6YqqWwEF6dqdDNyunBIMFnyRI3Xu5ljcc67oocKuYE66q%2ByKXDa9YIEecAUcbtsgKfqvsCG8LOLGSh3lnPZqmifHbydKdoUla%2FEyRA9CETaI4hTpD1YR3pRXtr4axdw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60bafc637de-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJftPj0mMIYNlRONNMU7JMpZT3cgwDS%2B%2BKayifoUbmCFGAdMSMXuM7FJ64Xg%2F%2BArkzZPzId86P80ogkBy%2BTKPII4KqTVLB8%2BwgQPIKYVKIkF2dHUrd9WfhLpX7hnWKgyvtEl4s2zNjc7gleVmZ76Po8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60bafc937de-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6GQAzB1ootBR78tqB%2BjBGLvIdh1Oefszu2p%2FCpPuQJd3gl5%2FtnHT5eX7PvrIU%2FkipKza%2FMZcga%2FR0fJiPFYS1xkuausl48L74Dhq9flaIWX23nqp8CeSgr9HKTKoY4Ef65x1R56mzpER3s%2BcTEUNBI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72TIwezRsBWC1fryA9U5PsjCgGhZPQOjs9TWwBifvzscornqPERsKS3iiqwCEDmbBgISsch%2FOKtT43nuJ%2BaEazy73erl%2FWj4U1Xo2zOpCxVkW%2BBxHjIBHnMGPKwA3xCqzHc7bdp1eQj3Olkq1gOikzE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60c6c9418e1-FRA
alt-svc
h3=":443"; ma=86400
t.js
hitbip.com/ Frame 10CA 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2cf823ebd1e2d7b0649b99673b599eda7de0e6f83e2ef0d09531576709b0ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
R1D2s3Kk5zdoPZnfOnKtnRrfDKgJdfzA
content-encoding
gzip
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
date
Mon, 05 Jun 2023 16:42:21 GMT
last-modified
Mon, 29 May 2023 16:40:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
62591
x-amz-server-side-encryption
AES256
etag
W/"79d67edd63b460a375a4fe1a6b64d45f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LuUZGsxKae-_mhRulv5fi5dLLe_OOezJkoDC6yWUBeePZXd-5Jkc1Q==
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCLQOq1YYXV7TsLPkY1LzO8z5nn0AZTodV2qZQl%2BsLW6uGnycN%2FcQMVoLTRoV4kihMc2yv3jA5M1C6GvX8PB0knMEX60bjs8wUaIg4jjwAdALATumiKH9qao7mlN6SKk6aa2XSLx22TLY4ergT4OUVc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60c5c8d18e1-FRA
alt-svc
h3=":443"; ma=86400
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87JaEKqoi4g81AUe71yNb4g4RbLa2X19NM4ydThcsytiPTVEwwfJY2zJwnKGl2zicO1T4kh%2BdJmdS1ynSiXh4%2F1LzUlm%2B5uUDYQ5NJL4LCj05OSbYjMtR4tFhD%2F6NfPiMeSuTl9R6c4rv%2FhTqjMi5Qs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60c5c7c18e1-FRA
alt-svc
h3=":443"; ma=86400
bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js
banner.boostbox.com.br/prebid/ Frame 10CA 		174 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/prebid/bbPbjs-e6e7c0a63a2084883f992a55699efbf8.js
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b16299d0a5df077ced1c539f488357e144dcebe92da1ab311f5ab3496c429d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Dec 2020 18:17:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4732
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX%2FVCzNKb5QFWPT2bTOcoYuzwyNFDv%2BA3vSSDprg%2BlMoOEAMS5VzNQsV15iZMyokCEfl0M3ol4aEoJGOe%2BPdNyNNmjJ%2FY6Ksd7gYVtnId9IYtX0v13dpSZZqrZxNzzxX%2BG%2FnMNjs4nFdX%2Bh%2BONC5cHNRp4lN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7d2fd60bae1a903a-FRA
alt-svc
h3=":443"; ma=86400
b011a71ddc6eaf10c1f5a171
banner.boostbox.com.br/banners/ Frame 1CD4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936b123c0f4a337c56b077fd7cae0a0a4d58a88e4f4dfc514b4fec1baf2ad8c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58586
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=30, s-maxage=86400, stale-while-revalidate=1800
cf-cache-status
HIT
cf-ray
7d2fd60bce2e903a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:18 GMT
etag
W/b011a71ddc6eaf10c1f5a171-aa82ba9c6e754d7333c7e7b2bbc498af
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg2AE2YL6ksc%2F%2F%2FSf8QH7Tlh1%2FyoyDSinA9pMNbNKOPuT2fIl8kv0MidVWyHIW1mfmOOxAHDmN5LyWEm0fBiEjKfT1Wu%2BeqAX9MaLCQabQQSLCRMYVvpJVCUndin6mNJglhMNHi29SSPkHb8CmI2o%2B%2FJKeFd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
img
hitbip.com/ Frame 10CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hitbip.com/img?i=i6vz4ajxvop5x5oh9jc0u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zHuql8v_q7rlIxFxk1PFVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zHuql8v_q7rlIxFxk1PFVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
application-76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3.css
banner.boostbox.com.br/assets/ Frame 1CD4 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/assets/application-76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3.css
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Dec 2020 18:17:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2460
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si6utMgVh9biib9CNStzDy3%2Biz4Q6UXN%2FONOnpKziLbZlmrDNDNZUM3za9r2Buyw5k0PGEUMbwI4Br2ANw8XVlZqP8gKZ7MbME4RO8EVtk%2FMtepgucMpH6%2Ff1vKxTACy81wo4%2B741Ip2fvChxX0VQdHPSlOI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7d2fd60c4eaf903a-FRA
alt-svc
h3=":443"; ma=86400
application-0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5.js
banner.boostbox.com.br/assets/ Frame 1CD4 		119 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/assets/application-0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5.js
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Dec 2020 18:17:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2460
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evlg9462U8F%2F%2BWnzahwyVdpbS5Ra%2FPNOaklq8CKE8GyllbxgQ0kjzBzcVQRDaQaYoYIOGvX8cB7T7u8fwoxnnJSixviZsqs2GiUXaimMx5omu7RgQU0bRQkUvtZ7%2FQNQOoH%2Foc%2FsF8KCKoOMZQxp8WWCGOgY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7d2fd60c4eb0903a-FRA
alt-svc
h3=":443"; ma=86400
application-306a85c1fe790bb3cb34.js
banner.boostbox.com.br/packs/js/ Frame 1CD4 		439 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/packs/js/application-306a85c1fe790bb3cb34.js
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3d46ae3c13946f3431930e61c210d67b8605add543a6635e4aadb197411443
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Apr 2023 09:34:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2460
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX5gkkz0neOOWPMziZQoMdjkwwYxVIlmwCwaQgJ8Gz%2FkLamDA2DJUh%2BqLjlO%2BSWwuL7qKV%2FiI1a7XrqVw2Jv2pdnP8FApQ1srkBEeR1LNCN0UbCheelWB0cY1MmstVrIoqhoarsFuKf0h1qHBodjx1Kd87Zh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7d2fd60c4eb2903a-FRA
alt-svc
h3=":443"; ma=86400
application-0e607f0c.css
banner.boostbox.com.br/packs/css/ Frame 1CD4 		145 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banner.boostbox.com.br/packs/css/application-0e607f0c.css
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5964bd60441e9ad41030288f7ab1c42e6a3ee5c534924763287a8c1595f3b476
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banner.boostbox.com.br/banners/b011a71ddc6eaf10c1f5a171
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Apr 2023 09:34:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2460
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EosMogD%2BPWmNyAs3TaM%2BxuQVOejPARZyES2lbGArdSEfh2ToR1jgc9F22xONyjngSz%2F8d7raxsSC%2BZ7A0jtG%2BG4uxgbDda8yPNQIVbC7Hje5QQ%2BJ7xuO7lyf%2Fu7AVXIVYghbFWETNPmMor3VY89GJObC9lxA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7d2fd60c4eb4903a-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Jun 2023 10:05:18 GMT
i6vz4ajxvop5x5oh9jc0u.json
hitbip.com/c/ Frame 10CA 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/c/i6vz4ajxvop5x5oh9jc0u.json?cb=1686045918172
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01fdb6026ae9a8cb8506ea09ff449d47fc5d065e19c225d1150ef89525d87a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 15:44:23 GMT
x-amz-version-id
77TpNWCXbrRFGJkShSVc2J_5fMLJo2a_
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
age
66056
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1390
last-modified
Fri, 14 Apr 2023 08:26:51 GMT
server
AmazonS3
etag
"f10a8e94d11ade2f1d93ae201d1571ab"
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
bsNIQ6REqE4HZgL1MzXQQ3IioCCfPVx5Vff2JCq58eQ53A5RIRdMKg==
polyfill.min.js
cdn.polyfill.io/v2/ Frame 1CD4 		422 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?callback=window.loadApp&features=es6,fetch,Object.values,Array.prototype.includes,IntersectionObserver,IntersectionObserverEntry,URL
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/packs/js/application-306a85c1fe790bb3cb34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7860f086cdfc66e11ba5de52f71c671b537883dfb6a6f0de8a9dfe9f41c88b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banner.boostbox.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Jun 2023 10:05:18 GMT
age
1549046
detected-user-agent
Chrome Mobile/114.0.0
useragent_normaliser
chrome/114.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
327
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 May 2023 00:17:37 GMT
fastly_service_version
195
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/114.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
prebid7.19.0.js
hb.adpone.com/ Frame E047 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAb6qYyvASIfFkwAXp5Y0aNW2UW29EDhxmxxQmdlNFqe2VgC%2FsDzuwYcngyBARoc6kuj7bZcr5LiVlAYyiSsI8pDiqf%2Fl91GqzsfWYZJrRW%2BkIl82DiYN9MH3%2BMG8zhs4ydfuRJzXtEsIH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60d3d85365c-FRA
p.html
hitbip.com/r/ Frame 8F6B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=cvcgvqpoj&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
b2Fdoykszmpk0Wge-DFLivhOSc3pIyV5n5v1WknWgyJTHrDGZDi0lw==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame 32AF 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=adirvjin&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
TjmNwVWqNhcod8Wr-NQXyASkqmtTNpZDCjB_XvjN36Swy0WXw6KLTw==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame 2723 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=twmjghke&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
9geR4Gp99icT_UT6aejfN8mkVCM6ewkm0MRp8_FRKul76RmrGAB8aQ==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame B36A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=pxuoevzn&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
9sAIa-T-JPOTwiGsaARQn89e4ppM279EJjLd2brY-8KLCZjvzGMz6Q==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame 97C0 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=cyymippo&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
2MXyb1whwfj7DWQXyq0qGOo7OXEGN_M9COJPu9fuUm99rFzjMdaOSg==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame 8D1C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=oknk&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
sV1yF1tfZuLRM0quYagAIZ-lZvg0huXylctLxU491kCWffpaYCLQQg==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
hitbip.com/r/ Frame 7497 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hitbip.com/r/p.html?f=fqrcjinsc&e=1504677494333
Requested by
Host: hitbip.com
URL: https://hitbip.com/t.js?i=i6vz4ajxvop5x5oh9jc0u&cb=5369531686045918019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-8.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35926
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 00:06:38 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-id
A0H5hLF6-kYEzIxeS84zA5GehsDSuGdMAPWud28oyrnCI_rWuAL8IA==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EA2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3214
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 09:11:44 GMT
expires
Wed, 05 Jun 2024 09:11:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 366B 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bcbca507a6ba3edb5a237cecef75c2c146afa40da9e93b4d86a1ccca54d95dac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dkEv1LVJ6HzuKe7MDrKMeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-dkEv1LVJ6HzuKe7MDrKMeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:18 GMT
expires
Tue, 06 Jun 2023 10:05:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
master_counter
dspl.incvaluex.com/ Frame 1CD4 		0
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/packs/js/application-306a85c1fe790bb3cb34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://banner.boostbox.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2%2BakV84EWT4Rqcx3Gkkz3vtrm7n%2FstrIAXigd9YL7rk0SPreawbuk6VaY8rPGQNR1D%2BN%2BO8zOOGG8lctnE28TTJQkS4CafLDxMGBZ4DOyJuM7GW1927rEHvUJMXAODuU9ItSmerv5znDM5JSXnrgW8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd60f785d18e1-FRA
alt-svc
h3=":443"; ma=86400
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://banner.boostbox.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd60ebf8e18e1-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQrr3RXwUjAR1OjEMxizLQ%2Ff4VOI8fW79xYTmvRrg42Vpi4ebDh%2FJD%2Bmcsxnz0VBHf4mDP4ycvuzmSaspjkbBoQIM8ZMTexDHVMXHCCNtHclwP%2Bk2htWSdrA9TQIgBTr%2F39j6laxZ6JAmTTiZ5PfPHA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
cdb
bidder.criteo.com/ Frame E047 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36890397541&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame E047 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a860190d555ea0cfb62af8c9edc92e8447daf5b9c97837f48d99bf4638e0b3d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
55fa05cc-ff2e-41c9-88bc-f16732c661ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.estadao.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame E047 		24 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e5ce2e5e3e1a5bffce24c2faee8709451a693f6e945c3e4b9e97cf435fff9f21

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.estadao.com.br
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E047 		343 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918234&tk_flint=pbjs_lite_v7.19.0&x_source.tid=70e10d3d-3e6e-476c-afce-c43f216a3527&l_pb_bid_id=86dd15ddf11774&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.674041244088528
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f4ceb1d4625c1fb3e590c876b5275112ae98b74f12057fb2ed6942a59c695795

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ Frame E047 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd60f1c129237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
prg.smartadserver.com/prebid/ Frame E047 		171 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.estadao.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame E047 		0
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.estadao.com.br
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame E047 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.estadao.com.br
date
Tue, 06 Jun 2023 10:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid7.19.0.js
hb.adpone.com/ Frame 8F6B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=cvcgvqpoj&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulRJLuX6%2B%2BsW0IJTlz4w9xWrYHaHgI1jmOrLbxz5oGLBLBO3Vo6L6qMdUGI8bJHM9PRWpxIcCb2G8pivtsFYYc%2FnICYvnwqEcFbj5bd0%2F7cR1gbhCuzs8%2BYPCrgUn1AFTMhSuvQ2st37nFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60eff9f365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 32AF 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=adirvjin&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHqcKpJ%2B3cyPGaWEgsqfBTAN3AfYaN1vgMEbIACPNyPnG201p%2BetdsBx7uAw5Pd0Zl6pNqzuAysRpkzEKHiBX1VtLi%2B0r8oDI8P1P3YA785yNx9Bh1P%2FLgaMFhaJRbh7%2BF2N%2FTOTGv8GK5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60effa6365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2723 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=twmjghke&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neah60lBF%2Bwy6vTEVDmTRDqhF1EGshCmwc0IRNpuKIlMhCcKDMiM3w8oypY8y%2BMc0c2IWPdbtfE%2FtxKnfD67xMItzdNSLsvpe0rshjsciPlUp74KQkvyUleW%2B0DB1j0Fj36Ub%2Bdmen2j8TY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60f0fb0365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame B36A 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=pxuoevzn&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2BpRHNH0rMUV8MOVpq%2FrztVDohxz4j5mmL90iarUHXj%2B%2FF0geMfTYXfoqB6MIXgNPkBq44OfjchiFZYjZ7QH41ze15%2F%2FpiRAbfVa2LFU8ZYWe93V28nvbsh1%2BqJSwrR8FCoOpvIj8D4eN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60f0fb9365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 97C0 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=cyymippo&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzA3K0not0WE1hb1BzSCt4sLx4jxa94Un7%2Bfdbc5OVmj%2Bf9m4qrnUG4ByY3c%2BG4IBMbD0astR2rniQdNyd69Q0iYZxp0Dqv%2Fq2hp0v3%2FlATFe232DbeybBDBO30C%2B0veFeoBLazVwFmsnVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60f1fce365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 8D1C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=oknk&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChM8%2BTIeZ1zC7RhKVbhmE9chRhWP%2FgtOSNesdb5gTAlGI0RJSXCNWaY6ZpUYjuQRCErEUjM4xiMAIkUATG65LrUSxlwSj0M2fERuXz%2Bhw1WeI2bIInzj28MyDeSbMnb88zIQ7qMV1V9vE04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60f3fed365c-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7497 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: hitbip.com
URL: https://hitbip.com/r/p.html?f=fqrcjinsc&e=1504677494333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hitbip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJMH8RCTQHQ0ZT6Z
age
3961
x-amz-server-side-encryption
AES256
x-amz-id-2
ARoOoKzoi0q0hoRzgWH9W0ZmHkitQwYcnR0AVonNgxNOCaJXLaNgebaybsztiE/XeZkuHkzXDe8=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX47uL8ku9aS0QGQvI%2B7gol2wMybLGMGfhdm5Pn49EHIozFiGUGfr0qEmSdg%2BaAoYTYj5729f33hqIvMc8UWGT5UYShnn5NeANIv%2BvNQV4DRlub%2BLrNH1pPolYCuahK7uxAlLvSpou1LtHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d2fd60f3fee365c-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame 366B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=2631452890274016&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
uK_VmgO8sxJme0STQf3RX4aGGIbvcC5GR552gFNT4dM.js
pagead2.googlesyndication.com/bg/ Frame 8EA2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uK_VmgO8sxJme0STQf3RX4aGGIbvcC5GR552gFNT4dM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8afd59a03bcb312667b449341fdd15f86861886ef702e46479e76805353e1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 10:33:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
84722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Tue, 30 May 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Jun 2024 10:33:16 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8F6B 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f8c388100eb205ea7ebf10b841e35ad5b78132ce2841f36252ef87d3eaadd734
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
10a9a79d-1991-4707-b27d-0a6c0721d8ba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 8F6B 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame 8F6B 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:17 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 8F6B 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31693812607&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 8F6B 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 8F6B 		24 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
70b468102099d4710c3577756be5a0de3f650dc42ac99a39e1e5612bd386ddcf

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8F6B 		343 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918549&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ac520ef5-258f-4ff4-85b4-824442f5e7f5&l_pb_bid_id=14f4efbf412d0f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5595164582352294
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ad301297050ee4c4f44829cb0b71c851f98b710f3c832b45b21b64ad9177f83

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ Frame 8F6B 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd60fcca99237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ Frame B36A 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c83ea6caa2169021c7c03277ca3f60cc49bf3ecc0b7d9c91ad09a9013fe2d818
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
c557b609-5867-4b6a-a411-bdc6b00fd486
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ Frame B36A 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd60ffce19237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
prg.smartadserver.com/prebid/ Frame B36A 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame B36A 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B36A 		343 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918562&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2343cfc5-7226-4f08-accd-40c1c90a7d63&l_pb_bid_id=107e46ace58830e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04521090788314863
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d7c91aff4f6849c4f84d7f088e17e7226001b331ebe15987d26646d9f9b089d9

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame B36A 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22532176879&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
bid
ap.lijit.com/rtb/ Frame B36A 		94 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a14cb3031b5b4ec993c44a537f1016f4632c76ed441948a1a7007f869f5ce632

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ Frame B36A 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 97C0 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77597674852&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
bid
ap.lijit.com/rtb/ Frame 97C0 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
109abef3f992efe404986e23fe462ca794cb52b0ec9597d24f3907f86dd19281

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 97C0 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 97C0 		343 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918573&tk_flint=pbjs_lite_v7.19.0&x_source.tid=69929b60-40ed-41cd-b0ee-604535bb3456&l_pb_bid_id=81b4174a9fdee2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3402502555319973
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
34a9d663fa21b7882396b3f6e2f88b902291da2ac8d5910e49b46938f1a92a7f

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 97C0 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame 97C0 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ce65d30fa861231afa8e7b836a0db776d4d47773cebf1abc98ab0a3e04545d29
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
d29178aa-d8a5-477d-a4cb-ec25194e68af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 97C0 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
prebid.smilewanted.com/ Frame 97C0 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd6102d1a9237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ Frame 2723 		94 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b4e02b11142a0c1c00a664e4ba05b66a7069b66e7ee50a7f5e9ffd7412a9abb3

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ Frame 2723 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
393230e0118e25844e516559ed9e60cee02b1b3049b2fcd44db44a3ced7e6907
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
b1972bfa-262c-4d93-afd5-fb7ec9dcc291
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 2723 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 2723 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2723 		343 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918557&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b2adb68-88d5-4329-9249-cd3aea0c8ce3&l_pb_bid_id=10dfcdab21b2309&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28051499144804026
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8351b1765da032d7e16776800d977b93b78a97e7e6ea84ba926ce0cadb7d650

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 2723 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
prebid.smilewanted.com/ Frame 2723 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd6104d2a9237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cdb
bidder.criteo.com/ Frame 2723 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=789211223&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 32AF 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6a25bd1149c741b7beaf0ceccce72ba2a594dff90b71242bfe6b4ac9cd905d83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
7c776598-3071-44f7-9320-bbf0259257da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 32AF 		94 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cb81c42c7de3d86239716c4f897b64af7e06b890f32a1eb40b6c87bff19d844d

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
96
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 32AF 		343 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918552&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc1da973-0035-4c3a-a2bc-eb47a41fcae6&l_pb_bid_id=697c305316c899&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2995861390720753
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
180d685d2cf07768802e12e8c50abef6f71e38f6b830546c926c7dd9f524da87

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ Frame 32AF 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd6105d3c9237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
prg.smartadserver.com/prebid/ Frame 32AF 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 32AF 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 32AF 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 32AF 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53020383382&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
/
prebid.smilewanted.com/ Frame 8D1C 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd6108d689237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ Frame 8D1C 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7978460441177b43886d00d794ac6e1f23ceb79e1d701ed0718d0f18ec72beb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
248c85ec-2404-4689-bda8-9d9a3a8f8431
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 8D1C 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8D1C 		343 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918579&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1939fa4c-c92d-4953-996d-52af0c5a5ba8&l_pb_bid_id=843b9ac7e27a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4685422347325956
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1033868da5acaf84d799decad83c302628d14dc57e779263433ca87c550aa072

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 8D1C 		94 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2b9665707d2316ce6791c07e0d38116bfc14f98491d624e3fd5750c29f4277fa

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/ Frame 8D1C 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame 8D1C 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 8D1C 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94431926648&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7497 		343 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,709e784f3dbd11f2ba94,1,,,&rf=estadao.com.br&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.pbadslot=adpn-adtag-1686045918584&tk_flint=pbjs_lite_v7.19.0&x_source.tid=633c481c-1130-4b70-a6f0-68370fa125b0&l_pb_bid_id=2245d67935f874&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14381956536681728
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f19830cfd5f13609c0c6013e53dee9ea7c540cfccc9bb8d454bd1010a30db4fe

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hitbip.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
343
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 7497 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=39885541736&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin
access-control-allow-origin
https://hitbip.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 7497 		138 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
006f48312de398356fadb62e8c86fbecef57f0d022756ef0540d9d30474deefb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:18 GMT
AN-X-Request-Uuid
83bb84aa-227e-46e2-810e-ef161012e4a5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hitbip.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 7497 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hitbip.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
prebid.smilewanted.com/ Frame 7497 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7d2fd610ad7d9237-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
translator
hbopenbid.pubmatic.com/ Frame 7497 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hitbip.com
date
Tue, 06 Jun 2023 10:05:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 7497 		94 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8d5c7cdfafe0a455e5e7cd606e7acbefa1e688472011953d3b6288ec560316d0

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Jun 2023 10:05:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hitbip.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
openrtb
adx.adform.net/adx/ Frame 7497 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hitbip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hitbip.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
728x90.png
redcarpat.com/a/ Frame DC80 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redcarpat.com/a/728x90.png
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-95.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
WwIpDV_THpmhOWIOgeg7VsMLk6b5x1Xa
date
Mon, 05 Jun 2023 20:26:12 GMT
via
1.1 8ebebe66cc8de626ee8e15b2ee72d826.cloudfront.net (CloudFront)
last-modified
Fri, 11 Feb 2022 16:12:31 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
49151
etag
"cba20ee20997190b39756c05abd61f7f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
36623
x-amz-cf-id
K_SmmeliY_ZRY63b3JNmr4JWJEOLnMPrhkffQmBQGQ065RX1WRzc9A==
produto_estadao.js
tags.fulllab.com.br/scripts/ Frame 10CA 		586 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.fulllab.com.br/scripts/produto_estadao.js
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.250.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-runtime
0.004927
date
Tue, 06 Jun 2023 10:05:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"f38faad9febeaa4ffa814a63624d6450"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-request-id
0b27b74d829ecb5ef6354ab538bb1a80
expires
2023-05-07 10:05:19 UTC
googad300by600.
fundingchoicesmessages.google.com/f/AGSKWxV1oxq4QqnhpkErqhABpqb989HJkMeS1P9WRpBrPNtztn_R7RCeYOvcmVZMTAHGirZ2Vt5fTwm9kACoFsr37p0FFBTp6m3QKrNwA7BmfJEBn4yRGHNGvP2DFq123oob5yfwkjrpwgaz5zlKb7GQEbX-9UqeI... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV1oxq4QqnhpkErqhABpqb989HJkMeS1P9WRpBrPNtztn_R7RCeYOvcmVZMTAHGirZ2Vt5fTwm9kACoFsr37p0FFBTp6m3QKrNwA7BmfJEBn4yRGHNGvP2DFq123oob5yfwkjrpwgaz5zlKb7GQEbX-9UqeI103SPQITt909KeqfwgpGfhTfvj35oGI/_/axt/ad_-prebid//xtendmedia./dyn_banner./googad300by600.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c924f19d91489c1b41a0afa0677d21ac63904edc222e967a32c0eed79bd3340a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uWvSqNsiQDc3oipJTACHqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uWvSqNsiQDc3oipJTACHqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:36:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Jun 2023 10:36:42 GMT
AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NCArMEUtcIPnj9la-qJOYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NCArMEUtcIPnj9la-qJOYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.estadao.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8EA2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RQNozw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 10CA 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoxEGFQMiZ6_wXxnfQln0x_q1ZF5Udk9pe93-T_lcBefiAN3PiuGwoxEKUTIkezUV7gevW-38pZlKKQWT-2jn4s0xzaTnPcpcOT3ZJgiC1zHhJYIJU&sig=Cg0ArKJSzMT4ByVDBvSLEAE&id=lidar2&mcvt=1017&p=330,436,420,1164&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230605&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=301164229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686045917390&rpt=566&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zPhVUdlyVdvPoplWWNUHMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-zPhVUdlyVdvPoplWWNUHMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.estadao.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zyULbej1EeBgVLFbSuVpNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-zyULbej1EeBgVLFbSuVpNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU43lJZ_75hq9rj30MlR3T0Ll6aZxguNt5g8vTWESmpiEisV1yi9Zm5B4SBO2e2KAP2PwqP2JbTcOGpUsx8fAdLQSL2zyQMSekbWWf_hclOOf9fTW3o_0enXtQHM5_WM4XLZUKI0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IzL3fE808upmZ7-kdoXBsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-IzL3fE808upmZ7-kdoXBsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxULxAzDTU5ETycZX7lfg2UmZv9SE-qzYmfJ_69jiaNGa9HqGUsAtkl5Uf5OGELNW-spAe9bc-dKDCTrcW-pfqNnpfBqZX9dkqw8sneSxVJU4o0k-nDmtBLlZF3lvbaiE-at0mhDPA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxULxAzDTU5ETycZX7lfg2UmZv9SE-qzYmfJ_69jiaNGa9HqGUsAtkl5Uf5OGELNW-spAe9bc-dKDCTrcW-pfqNnpfBqZX9dkqw8sneSxVJU4o0k-nDmtBLlZF3lvbaiE-at0mhDPA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg2MDQ1OTE5LDI0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cuZXN0YWRhby5jb20uYnIvIixudWxsLFtbOCwiTURSZUstbmpWa2MiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbNywiMCJdLFsxMSwiW1tdLFtdLFtdXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
316f95a8e3c8f0c178f920949ed035397e50d2ac04d2589c1a84ecdcfadfaf5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hGRJKMjX8AGN75HTN2xIBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hGRJKMjX8AGN75HTN2xIBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
master_counter
dspl.incvaluex.com/ Frame 10CA 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Requested by
Host: banner.boostbox.com.br
URL: https://banner.boostbox.com.br/integrations/script.js?token=b011a71ddc6eaf10c1f5a171
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.estadao.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSM11x51vC1SUJMwn4rLTK3FuEDOn2zKNVLSTb0OZLNaHnibAXYVVUn%2F8PCiK%2FUgDMa%2BeH3srHLF2XYcCVB1sHXuI%2FuiRu%2BI%2F8GpGNrNywEZCcY91xeKkJY87oCZuhG7Bt%2FESp%2B2dVqNCYQRoavvn80%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cf-ray
7d2fd612cc9918e1-FRA
alt-svc
h3=":443"; ma=86400
master_counter
dspl.incvaluex.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dspl.incvaluex.com/master_counter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.estadao.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-requested-with
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PATCH, PUT
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d2fd6121bc918e1-FRA
content-encoding
br
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2TN9q%2FabdEWnBz9LylwvMRcAN9pt8vKCgm1iB19y4NHK7iQiVOmf2lWlxfsSYJP3I6dXumQ9L%2BW3Jd5KIhPn5y46YgAsHMA7wIqSIjtdbBgj1j1j3FfR90uIdFgfl6ytNNko3afzjMzW0laMxL4n%2Bk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
AGSKWxWauryaXWTIdsLoGaPtxgi3mrkJ0gykn21VE6RDlyR29QIbV7uU9s3nh-2tn68c-sGAQ8FxTooMK0uKp5nf20uqxaqO9Hs0ZLt4P9GlmIFVj42jU5CfQokMobcB8zQH-Z0n8u0dgw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWauryaXWTIdsLoGaPtxgi3mrkJ0gykn21VE6RDlyR29QIbV7uU9s3nh-2tn68c-sGAQ8FxTooMK0uKp5nf20uqxaqO9Hs0ZLt4P9GlmIFVj42jU5CfQokMobcB8zQH-Z0n8u0dgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MDReK-njVkc.es5.O/d=1/rs=AJlcJMyiB1OBejj1GNTS5W8t0p5LRwTsaA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TtGrBT1pVU6uf3fmewhn9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.estadao.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-TtGrBT1pVU6uf3fmewhn9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.estadao.com.br
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
safeframe
tags.fulllab.com.br/ Frame 0431 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.fulllab.com.br/safeframe
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/scripts/produto_estadao.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.250.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-request-id
f0445b2d1113881d466be46425844cca
x-runtime
0.002060
x-xss-protection
1; mode=block
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame 0431 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2825583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9392
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-72e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9Hf43ZMz4OKNlT7hX%2FfmEAiGMDO0UU%2BzVcz7F0PTeeIlSq%2FAfe8bBIv4K7E7wziaGctqiOZbTz8U0oAzjT5ZjhllVPuWtQhldk61MZcMb%2B2sCLxbfaqA7BgsswR5emWzTAOG%2BS%2BPRl0T77HxE%2BjXIRp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d2fd6141d7f1c3a-FRA
expires
Sun, 26 May 2024 10:05:19 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame 0431 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3386031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcku5LT3uHjUqs6v4dIj06909tvjW3Em76ooeLKRJSzMZcXjAhfaK8KkxTauDpwGtJ4bQNsxw0sLfkbj6v2ovRLFfSFsYWZ%2FJDY%2BedXMWNxTmBlj7mdhX%2BHKTrt000q33ptvczZCSFOf4cJgncwd0%2FYZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d2fd6141d801c3a-FRA
expires
Sun, 26 May 2024 10:05:19 GMT
url-tld.min.js
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ Frame 0431 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/url-tld.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3084857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1574
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-fd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klYKTxpw6brp5EvZNKp2zJm32sP66HMi8KrWZsQK%2BQCCb47VE4EuZoVE8EcRRroUgzZVBDnGETjYgjK0OZ8f18WettMU%2B8Qv6ps1jxyMrU8JtNKazs%2Fy7d91XNonHV%2BNil4h10bbCKleYRIDblBJyENO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d2fd6141d821c3a-FRA
expires
Sun, 26 May 2024 10:05:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=2631452890274016&bg=!mpmlmc3NAAY9J7QfHSc7ADkAdvg8Wj7J9fzH5aGiCRxxUR76Vke_VB4kEiI1Fr0HB-PBFharycyMRfN01H5zMMHZgFOSi7LjuSoCAAAA8VIAAAADaAEHmQL4TQQ8FCNaU7yw1TrBBD1902_pSYf0oHrjcppctvFJeaAayPxwUTfwaOPJGYOtOo1ihKGeniGIFtQp7fG-F8FTv8pSxpZ_XylhGkrdz8WxLSDJyyZ4mqCU1EVkR5Hn5DMKbrd6Cgvkhdo7avS-dVfqOUzl8zfy8ua_MW8uRGICSIV-uNG9ImSuTB08ioYNCshz8zuWw77RvZ0bNNy2dyk_FsWLj3dEjfuPA93gJUPJNqd73GcEbp9EODZqAIpvim7RAyWbgYBlRREO1Hc2Bp5V3gyHSQX-ZB0rEEyV1cRaPcLYJ3YxXsGAIZgpMqOuLvLC8wWZlH9pBcrWuhT5AFICsXDJL-epPpWNFR6oG9csWnZXFNCGExCdBsa1HwnwpopAhesT7YlgCr0CpwWqAJVUIVwdYxOrJ1rgWUiL7yNUq0QuntYhDm8gTrtzr1Tf59NMn1aDhrxQiX4cf4syN6YtWi4xtFjDD29XOV0jxUAurvRJJpEGGqNF2ladU5rFYnwGdEnK0RLu49ySYvGTUIiajXhJL2LJBb7XztZIIaUU_4ZkwoOVWEmZKP2Qp1YAXZKBYUmytPhf39KsnfB_Jjv7oXGrg3PLQjjlh4esP0OKs8-KpDUh9mUqG-Nd0-FzH5ryfHUdECy4GX307R4m9j6GSrQLNlZzP7tJ0WzUGi4MU1Kb6sCM1W1XivJ64t-11OaX0cG0wQiSbpfXXEl-PZFmqUQu8Unx6vdKU88jvkwBwdkNtld9LXGi7zp0nkUAJAiK6x2VzVqJ-6s1Ss-dXdWAT3VESXngkB_Y9mRmCCT9mmcWi4cXXbyCevXQ_vFqcLSVhOrn8OBTx2RvyYu4Ql5IfDmF04ppUyml2eFwt3XrvpSagioSdRvEyKqdwM64UhluI5J713nKgVUH23-zufahTt3S0h5GF-mvmAD7NIWkCzG4GTCj4fC2g13MfaU39CBMrXRJLbx-kgvCf7w4lOBh8vGuK7R7RUHvVrUTXfd1OCY8AeJ_UxNPIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
/
acesso.estadao.com.br/paywall/modal_lgpd/build/ Frame D476 		840 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acesso.estadao.com.br/paywall/modal_lgpd/build/
Requested by
Host: www.estadao.com.br
URL: https://www.estadao.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
97143bbc448749fc2b5becf22dd4b07939bd10428bd098e04ad215c178809704

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
content-encoding
gzip
content-length
481
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:20 GMT
etag
"6198a-348-5e689b6a92640"
last-modified
Thu, 18 Aug 2022 20:20:33 GMT
server
Apache
vary
Accept-Encoding
main.63f07f7f.js
acesso.estadao.com.br/paywall/modal_lgpd/build/static/js/ Frame D476 		181 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acesso.estadao.com.br/paywall/modal_lgpd/build/static/js/main.63f07f7f.js
Requested by
Host: acesso.estadao.com.br
URL: https://acesso.estadao.com.br/paywall/modal_lgpd/build/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfa04f361b1164fd1507357a56433878b02dbb396042801b2e9c26164f386056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acesso.estadao.com.br/paywall/modal_lgpd/build/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:20 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 20:20:33 GMT
server
Apache
etag
"615f6-2d28b-5e689b6a92640"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
content-length
77640
main.54fd1376.css
acesso.estadao.com.br/paywall/modal_lgpd/build/static/css/ Frame D476 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acesso.estadao.com.br/paywall/modal_lgpd/build/static/css/main.54fd1376.css
Requested by
Host: acesso.estadao.com.br
URL: https://acesso.estadao.com.br/paywall/modal_lgpd/build/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae89d4cec27f35ed5df6341f227ade0c495bd641d972adb51a1fe50754a693cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acesso.estadao.com.br/paywall/modal_lgpd/build/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:20 GMT
content-encoding
gzip
last-modified
Mon, 30 May 2022 21:33:36 GMT
server
Apache
etag
"615f0-e85-5e041689a6c00"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1479
imagem-lgpd-modal.png
statics.estadao.com.br/s2016/lgpd/ Frame D476 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statics.estadao.com.br/s2016/lgpd/imagem-lgpd-modal.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-216.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a24c597cbc3eda52f93a81afb8057c514ed99a8b79bcbfcf28f79196da52e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acesso.estadao.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:20 GMT
last-modified
Wed, 27 Oct 2021 17:56:10 GMT
server
Apache
etag
"108209d-2329-5cf594f1ea280"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9001
expires
Tue, 13 Jun 2023 10:05:20 GMT
/
csync.smilewanted.com/ Frame DDBE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd623bfcc9237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:21 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A4C5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Jun 2023 10:05:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FBAC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
7614
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Jun 2023 10:05:21 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 24 May 2023 07:58:00 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1992, 56841
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230042-FRA
X-Timer
S1686045922.909256,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD32 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.estadao.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=64887
content-encoding
gzip
content-length
5554
content-type
text/html
date
Tue, 06 Jun 2023 10:05:21 GMT
expires
Wed, 07 Jun 2023 04:06:48 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
server-timing
ak_p; desc="1686045921901_388391813_11461783_18_503_7_22_255";dur=1
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame A4C5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 10:05:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Jun 2023 19:17:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33185
Connection
keep-alive
Content-Length
10113
Expires
Tue, 06 Jun 2023 19:18:26 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame DDBE 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1565186
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7d2fd62428299237-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame FBAC 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:21 GMT
AN-X-Request-Uuid
e95b3d2a-c7ae-46d7-8902-24fb534a25ac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FD32 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1155094&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1e1f9688fe80d6b78009ca6bfcee7dfd93431f450f7e43ddd1ee3288cb0014b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
drop_cookie_sw.php
csync.smilewanted.com/ Frame AC6A 		0
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd62498d89237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 2EE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 06 Jun 2023 10:05:22 GMT
X-Sovrn-Pod
ad_ap3ams1
Pug
simage2.pubmatic.com/AdServer/ Frame 474A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 06 Jun 2023 10:05:22 GMT
Expires
Tue, 06 Jun 2023 10:05:21 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x27 config_version:"2391"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 2126
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326787056427
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326787056427
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 06 Jun 2023 10:05:22 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322326787056427
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 5AFF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 06 Jun 2023 10:05:21 GMT
expires
Tue, 06 Jun 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1141720
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7797055540750413310
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7797055540750413310
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7797055540750413310
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame BF3D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 10:05:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WGHKQGA3D98RARREN8D3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 10:05:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
G9JZTERCHYV9WQGSWMYZ
Pug
image2.pubmatic.com/AdServer/ Frame BB30
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 06 Jun 2023 10:05:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 63E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3931163274102045951&gdpr=0&gdpr_consent=
42 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3931163274102045951&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
51719f9f-f7fa-4b4f-81cb-2dd3dcbf6925
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 10:05:22 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3931163274102045951&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5182
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241512094548031629&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241512094548031629&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 06 Jun 2023 10:05:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7241512094548031629&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
image2.pubmatic.com/AdServer/ Frame ED1B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDczkwN0lfZ29BQUNGenVodVF6Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACs907I_goAACFzuhuQzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACs907I_goAACFzuhuQzg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACs907I_goAACFzuhuQzg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8960058707774070119&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACs907I_goAACFzuhuQzg&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACs907I_goAACFzuhuQzg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 10:05:22 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACs907I_goAACFzuhuQzg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame D506
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH8E4gACgcfyvQBR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1686045922.226887,VS0,VE89

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 06 Jun 2023 10:05:22 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZH8E4gACgcfyvQBR
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1686045922.123775,VS0,VE89
Pug
simage2.pubmatic.com/AdServer/ Frame EA37
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Jun 2023 10:05:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FeVGqeltUCdT8eymih_UWiU6Ovo&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 30C9 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Jun 2023 10:05:22 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
cm
ipac.ctnsnet.com/int/ Frame E00C 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 06 Jun 2023 10:05:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame C9BA
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a3v0l3l281gx
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a3v0l3l281gx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Tue, 06 Jun 2023 10:05:22 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=a3v0l3l281gx
lws
35
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
cookiesync
core.iprom.net/ Frame B2C4 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 06 Jun 2023 10:05:22 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-2a682dc19602@version_1.552
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 7CA2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0%26redirect%3Dhttps%253A%252F%25...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=526b9234dbdb7d02c200cf46315b1b59&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXbaXTSThbYXYVW&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXbaXTSThbYXYVW&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRaXbaXTSThbYXYVW&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame EFF2
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2842
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 06 Jun 2023 10:05:22 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FD32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BsSyWiDvRdGU5unJaFbbfA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:22 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=64886
server-timing
ak_p; desc="1686045922186_388391813_11462187_20_487_7_0_146";dur=1
accept-ranges
bytes
content-length
5554
expires
Wed, 07 Jun 2023 04:06:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame FD32 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.163.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-163-206.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.143
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame FD32
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2032789585
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=06C4B25A-20EF-45D1-94E6-E9C96856DB7C
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=06C4B25A-20EF-45D1-94E6-E9C96856DB7C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
via
1.1 google
last-modified
Tue, 06 Jun 2023 10:05:22 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=06C4B25A-20EF-45D1-94E6-E9C96856DB7C
date
Tue, 06 Jun 2023 10:05:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame FD32
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODRtQmpYLTZxaExRY2FycEJ1OUY5YWlEUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6035221509773553240&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Server
52.44.244.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-244-58.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Tue, 06 Jun 2023 10:05:23 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 06 Jun 2023 10:05:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDZDNEIyNUEtMjBFRi00NUQxLTk0RTYtRTlDOTY4NTZEQjdD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPovUIvcdpdmRTf4TO-IgMc&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPovUIvcdpdmRTf4TO-IgMc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPovUIvcdpdmRTf4TO-IgMc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FD32 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 05 Jun 2023 10:05:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6035221509773553240
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6035221509773553240
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6035221509773553240
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame FD32 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_9lkctpE2uU9_HEPIrwG2sFzPkUY1Jk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_9lkctpE2uU9_HEPIrwG2sFzPkUY1Jk-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_9lkctpE2uU9_HEPIrwG2sFzPkUY1Jk-~A&gdpr=0
date
Tue, 06 Jun 2023 10:05:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
06C4B25A-20EF-45D1-94E6-E9C96856DB7C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FD32 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/06C4B25A-20EF-45D1-94E6-E9C96856DB7C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4d53:e3a9:9bb3:651 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=353aab2d-36f7-4938-bb2d-2361f2273570&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f62e8b20-b6f7-4903-9aa4-a3e97b35c84b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f62e8b20-b6f7-4903-9aa4-a3e97b35c84b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f62e8b20-b6f7-4903-9aa4-a3e97b35c84b&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame FD32 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame FD32 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 06 Jun 2023 10:05:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878514284395438275&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878514284395438275&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 10:05:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878514284395438275&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 06 Jun 2023 10:05:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame FD32
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7e67489b-71a6-4c38-aa16-560b481f03de&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7e67489b-71a6-4c38-aa16-560b481f03de&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 06 Jun 2023 10:05:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:7e67489b-71a6-4c38-aa16-560b481f03de&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 06 Jun 2023 10:05:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9721
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Tue, 06 Jun 2023 10:05:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pixel
cm.g.doubleclick.net/ Frame A4C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFlOGExNWZlZDI1MDY4ZTMwMDdhZjIxZmNmMTc0MmRhMTk0OTcxNw
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFlOGExNWZlZDI1MDY4ZTMwMDdhZjIxZmNmMTc0MmRhMTk0OTcxNw
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTFlOGExNWZlZDI1MDY4ZTMwMDdhZjIxZmNmMTc0MmRhMTk0OTcxNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A4C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElLNDdGTzYtMTUtQVZLMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECxLilywzrMyXFuvWdPg3HM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLNDdGTzYtMTUtQVZLMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLNDdGTzYtMTUtQVZLMw==&google_push=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElLNDdGTzYtMTUtQVZLMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A4C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEADXyaio1oAyBr_f2gCaZZo&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEADXyaio1oAyBr_f2gCaZZo&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEADXyaio1oAyBr_f2gCaZZo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A4C5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1d-TPFlySJqn-msOcZOymw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1d-TPFlySJqn-msOcZOymw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1d-TPFlySJqn-msOcZOymw
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VXF4VE6BFR2GP3MT0WWQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=1d-TPFlySJqn-msOcZOymw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A4C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIK47FO6-15-AVK3
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIK47FO6-15-AVK3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 10:05:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 38604949F1E8444C8796831C8BA81EB9 Ref B: FRAEDGE1813 Ref C: 2023-06-06T10:05:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX9cyhGWv44l7U8Efj8Mw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIK47FO6-15-AVK3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A4C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xRx67PJBiYY4_sVSaf8jGcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuJREMVE2oLpFNSqc.Dh_qEYGotBUDUQtoRQYQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuJREMVE2oLpFNSqc.Dh_qEYGotBUDUQtoRQYQ--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 06 Jun 2023 10:05:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuJREMVE2oLpFNSqc.Dh_qEYGotBUDUQtoRQYQ--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame A4C5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 06 Jun 2023 10:05:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame A4C5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=pyoKViN1SoiNQEAbOeqVGw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pyoKViN1SoiNQEAbOeqVGw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pyoKViN1SoiNQEAbOeqVGw
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BW6S4XGAYDTN9BFTQ9TG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=pyoKViN1SoiNQEAbOeqVGw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 3B3F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1686045922302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3533755628
  • https://sync.1rx.io/usersync/turn/2878514284395438275?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-c33a1430-eba3-4f17-a568-3cd...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
0
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd62b5f979237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Tue, 06 Jun 2023 10:05:23 GMT
etag
RXc33a1430eba34f17a5683cd929f37ce3003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
f5c60a5f-4a7e-529d-99f3-2276fd8c2694
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D197
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/f5c60a5f-4a7e-529d-99f3-2276fd8c2694
0
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/f5c60a5f-4a7e-529d-99f3-2276fd8c2694
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd6271b4d9237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/f5c60a5f-4a7e-529d-99f3-2276fd8c2694
smwt256.gif
us.ck-ie.com/ Frame 1786 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 10:05:22 GMT
Server
nginx
6035221509773553240
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 0DE6
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6035221509773553240
0
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6035221509773553240
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd626baf59237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 06 Jun 2023 10:05:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6035221509773553240
server
nginx
85b9bccc2231b4a3f76c1168065e063
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 7415
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/85b9bccc2231b4a3f76c1168065e063?gdpr_consent=&gdpr=0
0
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/85b9bccc2231b4a3f76c1168065e063?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd6274b699237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Jun 2023 10:05:22 GMT
Expires
Tue, 06 Jun 2023 10:05:22 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/85b9bccc2231b4a3f76c1168065e063?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
Server-Timing
ak_p; desc="1686045922385_389467964_26364087_1992_684_10_22_-";dur=1
x-sticky-vk
1686045922396040-595
v1
match.sharethrough.com/universal/ Frame 8CA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.12.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-12-252.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 06 Jun 2023 10:05:22 GMT
smw888.gif
us.ck-ie.com/ Frame 9275 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Tue, 06 Jun 2023 10:05:22 GMT
Server
nginx
97qKh7Pv1f1EVtSb6Mtt
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame A82B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/97qKh7Pv1f1EVtSb6Mtt?pi=smilewanted&tc=1
0
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/97qKh7Pv1f1EVtSb6Mtt?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7d2fd627dc229237-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 10:05:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 06 Jun 2023 10:05:22 GMT Tue, 06 Jun 2023 10:05:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/97qKh7Pv1f1EVtSb6Mtt?pi=smilewanted&tc=1
pragma
no-cache
async_usersync
ib.adnxs.com/ Frame FBAC 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Jun 2023 10:05:23 GMT
AN-X-Request-Uuid
38324068-5464-4378-a8ce-eb35633e35f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
37.58.58.250; 37.58.58.250; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14044&site_id=70010&zone_id=334044&size_id=15&alt_size_ids=15%2C19%2C43%2C44%2C282&rf=https%3A%2F%2Fwww.estadao.com.br%2F&tg_v.assinante=false&tg_i.page=https%3A%2F%2Fwww.estadao.com.br%2F&tg_i.domain=estadao.com.br&tg_i.adUnit=%2F118650305%2Fgeral%2Fhome&tg_i.pbadslot=%2F118650305%2Fgeral%2Fhome&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9278cb24-85e6-49a1-8d34-46016b23d56f&l_pb_bid_id=122faccce1ffa47&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F118650305%2Fgeral%2Fhome&slots=1&rand=0.8774925401871903

Verdicts & Comments Add Verdict or Comment

278 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayerEstadao boolean| isIE object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime object| webpackJsonp function| pwz object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| fbq function| _fbq string| GoogleAnalyticsObject function| ga number| status_proximo_noticia_dp6 object| dataLayerGlobal string| dp6FirstURL function| dp6Listen function| estadaoListen function| breakTags function| dp6GenericEvent function| listenEventosFormularioEstadao function| dp6WordCounter object| dp6Helper function| dp6WatchNewsOn function| getCookieEstadao function| deleteCookieEstadao function| selectorVisivel function| selectorVisivelInterval number| dp6WaitForjQueryModules number| dp6WaitForJquery function| getCookie boolean| apply object| exceptions function| loadModalLgpd object| ESWG string| ivc_user_id object| GlobalIvcNamespace function| ivc number| _sf_startpt object| _sf_async_config object| _cbq number| _sf_endpt number| intervalChecarPaywall function| checkPaywall function| onYouTubeIframeAPIReady string| AppsFlyerSdkObject function| AF function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| ESTADAO_MENU object| eventShowDispached object| dataLayer function| gtag object| pbjsChunk object| pbjs object| _pbjsGlobals string| o object| a object| b function| Navegg object| naveggReady object| nvg23902 object| googletag function| isMobile boolean| arcBiddingReady object| gaplugins object| gaGlobal object| gaData function| _UA-166963-24_sendHitTask function| __475an521in8a__ object| googlefc object| AF_cleanupMethods object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout number| evergageReshowPersonalizedSectionsTimeout object| AF_SDK object| Snowplow object| ggeac object| google_js_reporting_queue object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NGJmMTdiZThiZGU5NGU1YWxvYWRlcl9qcw== object| NGJmMTdiZThiZGU5NGU1YWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| _cbm object| zephrBrowser function| nvgGetSegment function| ltgc string| nvg_currentPage undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| BOOMR_configt object| __uid2SecureSignalProvider object| __uid2 object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 number| google_unique_id object| rendered number| BOOMR_onload object| Zephr object| anchor boolean| isHome object| banner string| isCadastrado function| setCluster function| scrollBannerHome function| scrollToEnd function| behaviorAds function| observerAdsFooter object| GoogleGcLKhOms object| adpnExecutions object| aliveChecks boolean| adpnLoaded boolean| 983b0f88-8b1a-4d05-95e2-1bd3c865fa55 object| google_image_requests

129 Cookies

Domain/Path Name / Value
hroicloudflareekalilta.best/ Name: PHPSESSID
Value: nerpvsbgqa7sg6skk4f6irshm4
hroicloudflareekalilta.best/ Name: pais
Value: DE
hroicloudflareekalilta.best/ Name: estado
Value: CFXX_Cache
hroicloudflareekalilta.best/ Name: cidade
Value: CFXX
.estadao.com.br/ Name: _gcl_au
Value: 1.1.1746330812.1686045916
.estadao.com.br/ Name: currentUrl
Value: https://www.estadao.com.br/
acesso.estadao.com.br/ Name: BIGipServerpool_paywall_443
Value: 3265706440.47873.0000
.estadao.com.br/ Name: _ga
Value: GA1.3.1948286254.1686045916
.estadao.com.br/ Name: _gid
Value: GA1.3.992799289.1686045916
.estadao.com.br/ Name: _gat_UA-166963-24
Value: 1
.estadao.com.br/ Name: ESTADAO_NETWORK
Value: 0
.estadao.com.br/ Name: _cb
Value: 5l_ybQq_yHDabnZl
.estadao.com.br/ Name: _chartbeat2
Value: .1686045916227.1686045916227.1.Cv8PtnCutH_pBSLTaABYGFXwCO_xPZ.1
.estadao.com.br/ Name: _cb_svref
Value: null
.estadao.com.br/ Name: _evga_b55d
Value: {%22uuid%22:%226a2a6580a999cb35%22}
.estadao.com.br/ Name: _sfid_8f2e
Value: {%22anonymousId%22:%226a2a6580a999cb35%22%2C%22consents%22:[{%22consent%22:{%22purpose%22:%22Personalization%22%2C%22provider%22:%22Example%20Consent%20Manager%22%2C%22status%22:%22Opt%20In%22}%2C%22lastUpdateTime%22:%222023-06-06T10:05:16.268Z%22%2C%22lastSentTime%22:%222023-06-06T10:05:16.277Z%22}]}
.estadao.com.br/ Name: OESP_GA_GID
Value: 66487a24-cbb2-4f01-9781-1f5b7432ea41
www.estadao.com.br/ Name: _gada_ses.3bbf
Value: *
www.estadao.com.br/ Name: _gada_id.3bbf
Value: 7abb4424-89e0-4ac9-afba-14cef822eadd.1686045916.1.1686045916.1686045916.851b8282-ac3f-49a7-b4a4-839b542333ee
.estadao.com.br/ Name: _fbp
Value: fb.2.1686045916595.426151011
www.estadao.com.br/ Name: privAu
Value: 0
.navdmp.com/ Name: ac3
Value: 1
.estadao.com.br/ Name: lotame_domain_check
Value: estadao.com.br
.criteo.com/ Name: uid
Value: 23fa1e9d-372b-4c46-a680-96b49bf93fe8
saoestadodespaulo.us-7.evergage.com/ Name: AWSALBCORS
Value: KADYuzhF2EUm2XV30naTxTsDkMGX9FrEiM/ldl+WvrkMa8pUKvQdYDBk5OiChYOby47v7dn9APzWbRhtfAS9q87oMsvIe1DoEama2lwr+DTQo2LcNPhmWbtK0jia
.navdmp.com/ Name: nid
Value: 12cfebdc42fbc97c093ca39fdc10|0|186
.estadao.com.br/ Name: nvg23902
Value: 12cfebdc42ce085f6f56009a4510|2_158
.rubiconproject.com/ Name: khaos
Value: LIK47FO6-15-AVK3
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3VsjabY92okrJGe4Ni1ThWK2euPP2lVg2+SmvwaNDOnhwDLWhrFSPaXzUxM9NEMkTM3bAGD0Ilx38gsBGYXdKF3W/qtWoAeDqyqVI1k5poNA==
.adnxs.com/ Name: uuid2
Value: 3931163274102045951
.estadao.com.br/ Name: cto_bundle
Value: jXPQzF9nbEoxb3p1eEk3d09OMVdLSzUySzNCZXhCS0liRVNaQWdRYVFGJTJGJTJCSkVFOGVod0daTW9PU0x0U0hETFJkTnklMkJsTEhiOWYwNG1ka0VkSTRWdEpLdm9EelR1VVRXT0x2Ynl4JTJCTWsycFpqRkRoZHlRblIzSkJOSVVkT3B2QU9yck5uQjRtOFpocVF0MGZLVGJBMjBxNThpUSUzRCUzRA
.openx.net/ Name: i
Value: a843aab6-8a8a-4778-8de6-f939b7de4a6d|1686045917
.estadao.com.br/ Name: __gads
Value: ID=3a896b035d9b36d9:T=1686045917:RT=1686045917:S=ALNI_Mbu58Cw-cLWSXyMSCm-R5kJcoAmAw
.estadao.com.br/ Name: __gpi
Value: UID=00000c3d5a8f7474:T=1686045917:RT=1686045917:S=ALNI_MZH4Lktl2UH1N7CzWpfQPgqUk4XMg
.doubleclick.net/ Name: IDE
Value: AHWqTUl5LWvKreeH7bSeeBkshG-PD7fxYXCadS2XbYJjL5A1_j8W1G8EcoQnCnBpTMQ
.www.estadao.com.br/ Name: RT
Value: "z=1&dm=www.estadao.com.br&si=09fd7806-6312-49a7-8e0c-6c1e3baf28f9&ss=lik47cpm&sl=1&tt=3qp&rl=1&ld=3qr"
www.estadao.com.br/ Name: AWSALB
Value: 8fp9/NdRYvpaKefSAYJOhTdIVkRmSuCzQ0q3Ay+DtnZN+6XViT1sfvc7wP+wYSujBEQ9s/inP0gEd9s8HyD/U+h/+1MravnJv8EnGgUGke5RzuYSOCbleJydqh11
www.estadao.com.br/ Name: AWSALBCORS
Value: 8fp9/NdRYvpaKefSAYJOhTdIVkRmSuCzQ0q3Ay+DtnZN+6XViT1sfvc7wP+wYSujBEQ9s/inP0gEd9s8HyD/U+h/+1MravnJv8EnGgUGke5RzuYSOCbleJydqh11
.estadao.com.br/ Name: blaize_session
Value: 6ca9cef5-b2b0-4b58-9368-65d84d11d909
.estadao.com.br/ Name: blaize_tracking_id
Value: 23abccd5-c857-4e5e-b95e-f7ef274f6526
.adnxs.com/ Name: icu
Value: ChgIg65NEAoYAiACKAIw3Yn8owY4AkACSAIKGAj-lGAQChgCIAIoAjDeifyjBjgCQAJIAhDeifyjBhgD
.estadao.com.br/ Name: FCNEC
Value: %5B%5B%22AKsRol_J4xLadEb0i_iYkTPgZm-ZHC8tCypNICztY8sQzjThKLdMQqpk4HZORKf_RHNqiRBV6SVdFE4Oh_Al0Vlp8zwOefwbiwRfq3Rj1C-L57IE5tIAUcHk40WeYk9IjtUaNIuAw3G9TeUA5A7qgYWDSTV9OqUjgQ%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22808%22%5D%5D%5D
.fulllab.com.br/ Name: language
Value: en-US
.fulllab.com.br/ Name: screenResolution
Value: 1600%3B1200
.fulllab.com.br/ Name: timezone
Value: Etc/Unknown
.fulllab.com.br/ Name: platform
Value: Win32
.fulllab.com.br/ Name: adBlock
Value: false
.fulllab.com.br/ Name: fp
Value: 785910521b56b7f1b48615f1fe1f7596
.fulllab.com.br/ Name: lastUrl
Value: https://www.estadao.com.br/
.fulllab.com.br/ Name: lastVisit
Value: 1686045919509
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 06C4B25A-20EF-45D1-94E6-E9C96856DB7C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156383:2
.pubmatic.com/ Name: DPSync3
Value: 1687219200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1686873600%3A63%7C1686614400%3A2_15_223%7C1687305600%3A35%7C1687219200%3A71_55_233_22_165_254_238_220_54_46_8_3_56_234_13_251_166_214_88_249_21_161_7_81%7C1688601600%3A203
.quantserve.com/ Name: d
Value: EPwBCwGVKfijAA
.quantserve.com/ Name: mc
Value: 647f04e2-1c451-10ae3-511de
.mathtag.com/ Name: uuid
Value: 2a98647f-04e2-4600-b1f7-0f7566f62e46
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3931163274102045951&KRTB&23339-3931163274102045951
.adfarm1.adition.com/ Name: UserID1
Value: 7241512094548031629
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFmYGJqaWRkaGwCANEWbZkQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjO3MDcwNTMxMhfiM9TNDstwt8jL9KnwyPMDABylF7glAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjO3MDcwNTMxMhfiM9TNDstwt8jL9KnwyPMDABylF7glAAAA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&KRTB&16736-uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&KRTB&23019-uid:2a98647f-04e2-4600-b1f7-0f7566f62e46&KRTB&23114-uid:2a98647f-04e2-4600-b1f7-0f7566f62e46
.ctnsnet.com/ Name: cid_acf7f4ca5e974a77891a8c628f47c10b
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: hwTHLAA-tZuH31
.de17a.com/ Name: guid
Value: 1.7797055540750413310
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7241512094548031629&KRTB&23369-7241512094548031629
.csync.loopme.me/ Name: viewer_token
Value: 6c16aae0-7f51-44f6-bec2-c2522ada53a4
.simpli.fi/ Name: suid
Value: 25708AC71B93478BAEE41BD630F33414
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZH8E4gACgcfyvQBR
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7797055540750413310
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEPovUIvcdpdmRTf4TO-IgMc&KRTB&22987-CAESEPovUIvcdpdmRTf4TO-IgMc&KRTB&23025-CAESEPovUIvcdpdmRTf4TO-IgMc&KRTB&23386-CAESEPovUIvcdpdmRTf4TO-IgMc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9&KRTB&19420-N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9&KRTB&22979-N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9&KRTB&23462-N-LUETHihkUs54BDNOfORjG3hkQs49JGZbPrN4H9
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5124322326787056427
.adform.net/ Name: uid
Value: 6035221509773553240
.bidswitch.net/ Name: tuuid
Value: f62e8b20-b6f7-4903-9aa4-a3e97b35c84b
.bidswitch.net/ Name: c
Value: 1686045922
.bidswitch.net/ Name: tuuid_lu
Value: 1686045922
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2c2a
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-06C4B25A-20EF-45D1-94E6-E9C96856DB7C&KRTB&23413-06C4B25A-20EF-45D1-94E6-E9C96856DB7C&KRTB&23479-06C4B25A-20EF-45D1-94E6-E9C96856DB7C
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6035221509773553240&KRTB&23263-6035221509773553240&KRTB&23481-6035221509773553240
.yahoo.com/ Name: A3
Value: d=AQABBOIEf2QCELyd37sJQkyoC6purK9BUH4FEgEBAQFWgGSIZAAAAAAA_eMAAA&S=AQAAAnEqRKb6uFpspnMHID4bjLI
.bidr.io/ Name: bito
Value: AACs907I_goAACFzuhuQzg
.bidr.io/ Name: bitoIsSecure
Value: ok
.turn.com/ Name: uid
Value: 2878514284395438275
.onaudience.com/ Name: cookie
Value: 902102787b132354
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2878514284395438275&KRTB&23150-2878514284395438275
.pubmatic.com/ Name: SPugT
Value: 1686045920
.adsby.bidtheatre.com/ Name: __kuid
Value: 7e67489b-71a6-4c38-aa16-560b481f03de.455259922
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: f5c60a5f-4a7e-529d-99f3-2276fd8c2694
.betweendigital.com/ Name: ss
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&228503db-8265-404e-8ead-c936fb95238a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODYwNDU5MjI7MjswMjHqOvNy3bwM2Y3t3AKzS5YtekNP13qOxrE1BPspFr8SOA==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2671:u=1:x=1:i=1686045922:t=1686132322:v=2:sig=AQE7wHgC5qLmOrjz3OFNy6zcL1ED80J1"
.betweendigital.com/ Name: ut
Value: ZH8E4gAGQZD-_wtcu4CUEpS4l82cUEose23Ltg==
match.sharethrough.com/ Name: AWSALBCORS
Value: bEMas57dU4504toI0A9D0HGtqmpte0K8zBUiu0IcuuwypqkBC2cZdlETsbSWxOn8F5s44Lv6prmT2qDbXJGHIPV0ek7MyqND2HUW/xxfTRUOy/G8KCgfq8YWjEQC
.scoota.co/ Name: tuuid
Value: 353aab2d-36f7-4938-bb2d-2361f2273570
.scoota.co/ Name: c
Value: 1686045922
.scoota.co/ Name: tuuid_lu
Value: 1686045922
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ad3a219b939df76e
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.exelator.com/ Name: EE
Value: "526b9234dbdb7d02c200cf46315b1b59"
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f62e8b20-b6f7-4903-9aa4-a3e97b35c84b
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHUyCzJ0sjYJCUpJck8xcAo2cjAIDnNxMzY0DTJMMnUcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQZEl%252BUWb6IhfXxUUpaQyLSopPBR%252FxEAMAiw4pcw%253D%253D"
.creativecdn.com/ Name: u
Value: 97qKh7Pv1f1EVtSb6Mtt
.creativecdn.com/ Name: ts
Value: 1686045922
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-15e546a9-e96d-5027-53f1-eca68a1fd45a.2HcW09eLFaEW%2BtGGfToQlRWaptu2pelwBhTxGxWMSIU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFeVGqeltUCdT8eymih_UWiU6Ovo.EOJUcROwSfokzOlmK1JKSkiiEDp%2FSEceA%2BoFLOwYVcY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFeVGqeltUCdT8eymih_UWiU6Ovo.EOJUcROwSfokzOlmK1JKSkiiEDp%2FSEceA%2BoFLOwYVcY
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-FeVGqeltUCdT8eymih_UWiU6Ovo&KRTB&23334-FeVGqeltUCdT8eymih_UWiU6Ovo&KRTB&23417-FeVGqeltUCdT8eymih_UWiU6Ovo&KRTB&23426-FeVGqeltUCdT8eymih_UWiU6Ovo
.audrte.com/ Name: arcki2
Value: 84mBjX-6qhLQcarpBu9F9aiDQ!20220908!1686045922485!ip#37.58.58.250
.audrte.com/ Name: arcki2_pubmatic
Value: 06C4B25A-20EF-45D1-94E6-E9C96856DB7C!20220908!1686045922489
.smilewanted.com/ Name: sw_user_params_infos
Value: bFDqn6kccGEUO3PJi0zaZKCWYkx77oDs48BaIgrOyUetSZ2jhjSX4ug9dIAK9Dy2buOoxvQdtzzuvUPx8fIfD10RTNtNc9rlhn9amD9i3trNSvT%2BQmGKrMB2zU5j6%2BtPzQJ%2F%2BLzpZtpZJFv5D716oe8a4n9PkPodFjEwwn%2BCoaGitvS4vRJdlnjBiU9LQKxuLs9fPO9cfHmD6OSCKl2QQ4b%2FFGGBPDNh6%2BtZqKU%2FSN4ewAtwAkeOoYsEl6QjNratCSLStFIQwKOtPqauvxGIQPm49SF%2Bz4PssMQU7dLjf9F2JKbq9FQAmwIGIJrDceCU
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRaXbaXTSThbYXYVW
.pubmatic.com/ Name: PugT
Value: 1686045922
.smartadserver.com/ Name: pid
Value: 8960058707774070119
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACs907I_goAACFzuhuQzg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACs907I_goAACFzuhuQzg
.audrte.com/ Name: arcki2_ddp2
Value: 84mBjX-6qhLQcarpBu9F9aiDQ!20220908!1686045922630
.amazon-adsystem.com/ Name: ad-id
Value: A4ELBKiRckvFoqP1qRJB9s4
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c33a1430-eba3-4f17-a568-3cd929f37ce3-003%22%2C%22nxtrdr%22%3Afalse%7D
.gammaplatform.com/ Name: _aGeoIp
Value: VN|Ho_Chi_Minh_City
.gammaplatform.com/ Name: _aUID
Value: a3v0l3l281gx

10 Console Messages

Source Level URL
Text
network error URL: https://hitbip.com/img?i=i6vz4ajxvop5x5oh9jc0u
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36890397541&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31693812607&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77597674852&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22532176879&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=789211223&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=53020383382&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94431926648&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=39885541736&lsavail=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=06C4B25A-20EF-45D1-94E6-E9C96856DB7C&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6bedb7dd84afcb3244a5088949c0b1f1.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
acesso.estadao.com.br
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
assets.zephr.com
banner.boostbox.com.br
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.go-mpulse.net
c1.adform.net
cdn.evgnet.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.polyfill.io
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contributor.google.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dspl.incvaluex.com
esp.rtbhouse.com
estadao-bi-ga360.appspot.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
green.erne.co
gum.criteo.com
hb.adpone.com
hbopenbid.pubmatic.com
hitbip.com
hroicloudflareekalilta.best
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
ivccf.ivcbrasil.org.br
ivccftag.ivcbrasil.org.br
loada.exelator.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
meu.estadao.com.br
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
redcarpat.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.go-mpulse.net
saoestadodespaulo.us-7.evergage.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
statics.estadao.com.br
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.navdmp.com
tags.crwdcntrl.net
tags.fulllab.com.br
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
usr.navdmp.com
websdk.appsflyer.com
www.estadao.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
fastlane.rubiconproject.com
108.128.250.26
134.122.57.34
141.94.161.190
141.94.171.216
144.126.250.218
151.101.130.49
151.101.192.114
151.101.65.108
157.90.211.246
162.19.138.119
172.217.16.194
172.67.10.198
178.250.7.11
178.250.7.13
18.194.57.28
18.197.12.252
18.66.112.14
18.66.192.8
18.66.192.95
184.24.77.60
185.184.8.90
185.29.132.245
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.86.138.154
185.86.138.16
188.42.191.196
193.0.160.131
195.5.165.20
198.47.127.20
2.17.100.216
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.183
213.19.147.45
216.52.2.16
23.201.255.110
23.32.184.192
2600:9000:2250:8a00:a:e047:753:be1
2600:9000:237d:3c00:18:1fcd:353:c61
2600:9000:2490:dc00:16:3843:2d40:93a1
2602:803:c004:200::140
2606:4700:10::6816:3556
2606:4700:20::681a:b19
2606:4700:3032::ac43:cb7e
2606:4700::6810:ff3
2606:4700::6811:180e
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2014
2a00:1450:4001:82b::2001
2a00:1450:400c:c07::9d
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:12d:48a::11a6
2a02:26f0:12d::17d9:6a0b
2a02:26f0:3100:795::11a6
2a02:26f0:3500:11::215:14ca
2a02:fa8:8806:16::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::282
2a04:4e42:400::714
2a04:4e42:600::485
2a05:d018:d29:3601:4d53:e3a9:9bb3:651
2a06:98c1:3120::3
3.33.220.150
3.75.62.37
34.102.146.192
34.102.163.6
34.111.129.221
34.111.131.239
34.120.107.143
34.254.143.3
34.96.70.87
35.186.193.173
35.190.39.111
35.204.74.118
35.214.193.52
35.244.159.8
37.157.3.20
37.157.4.23
37.252.171.85
46.51.163.206
52.220.229.2
52.41.54.47
52.44.244.58
52.46.151.131
54.185.165.208
54.195.20.254
54.205.93.130
54.209.165.221
54.228.185.250
67.220.226.232
69.173.144.138
69.173.144.165
72.251.241.196
8.2.108.194
85.114.159.93
98.98.134.241
99.84.88.34
006f48312de398356fadb62e8c86fbecef57f0d022756ef0540d9d30474deefb
01fdb6026ae9a8cb8506ea09ff449d47fc5d065e19c225d1150ef89525d87a48
075b4c0629bf7939a0246f27a6c7bf4261d86d5a52f84e2dfa8eea21198dc714
0760fe7582360f8cdec614ab9da3da8650b646907623b330366618b31f9f8db5
098a33c0b1816d65a330a72638964ce895c157b848d0f9394a437e8e3fc296ee
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0d814ed3f95624259b86207a3197e8c9a443398e10c3b8c6935e04cf1281b61a
0faa22f0acefd48573d0c6966f96522c8c51f71081b46454b422dcdc8e7f6c87
1033868da5acaf84d799decad83c302628d14dc57e779263433ca87c550aa072
109abef3f992efe404986e23fe462ca794cb52b0ec9597d24f3907f86dd19281
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1286fa6ae80b71f1d063e228e153dee0e32f0baa407af4ce1ef7932256b72712
180d685d2cf07768802e12e8c50abef6f71e38f6b830546c926c7dd9f524da87
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a06b1d0c16ab8546ef110355aef80d5c7f4403b6a134dc7139f7287407ba3a9
1db9ec9ad08b811405f3bbdd65a11035a33fe9198c84a92f31a9cde6808e1f98
1e1f9688fe80d6b78009ca6bfcee7dfd93431f450f7e43ddd1ee3288cb0014b8
1e3d46ae3c13946f3431930e61c210d67b8605add543a6635e4aadb197411443
1e8b15b871cbe15d5dfaffc376b8dec1837f171bb451f960b378396bad9fc601
1fe3cbd3a0a75dbc39d33dfbf7548779fad190189ca7bbd8867233349d78f24b
20235ab2ff67b3d7408fc8b0ab29b3573a7f6ee40b5c3a95562e75f1485af601
2291dcfb7561d193527a814c23a311fba01d006119426715cd38fe3f1b654609
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
264dfa80472fdd83ee9e97974728469877af782bffec3009db5ed2470be8bc42
26fc52c3b08aeb46d9e6d05b64889fca0edd84517ed242ef4caf0c408a7b9141
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b9665707d2316ce6791c07e0d38116bfc14f98491d624e3fd5750c29f4277fa
2d89270e19b76a700b610dcc3a59954f5256bf0db238973b5409cf9f42705eac
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
316f95a8e3c8f0c178f920949ed035397e50d2ac04d2589c1a84ecdcfadfaf5d
34a9d663fa21b7882396b3f6e2f88b902291da2ac8d5910e49b46938f1a92a7f
35026e6d3d5278e8f572b8138a619ae9c37aa630fb411ead9199685b97435e6f
361c0d27d0df2509db9f8b32232918949a5b0fd23b696dd33c8a67539dff7fa5
393230e0118e25844e516559ed9e60cee02b1b3049b2fcd44db44a3ced7e6907
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3cc9e1e5f6d6001d31be48d15dcf86820aef7a6ffd2b46f266b8e048a85d2e69
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a1034eaa4ea8e9a8675a15b8ebb6bc2cf1c1a6a18c80091d544b314f48284d
438fcfd0955ec329b6ec54c4da63ed607fe8b8924993a4f74fdad9bdb13f41d2
455f62ff5cae59f4aa0cc528fdd29029d90f936eee4065e1a28c9164c66ded52
45b72058336e30776196d4e99b4d1fa5ca5e8feb82e431c62580046339b43d73
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
47fbd79c0812f3224213d4e7a6c9dd6658bde9c400de95664d23e855c9eec803
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4ff752324e06cef049f49cbf4d2a0d504e62e15352c06a44a6e131e3ab992411
500ef3226ceb64ecf81d5cbfc6206ae823bd8a84abd573b42f5ad5271fd62ee9
501f3f2b006d154e68a17ed5dd9de04c84210b9c5303946eab87232a21da684c
50f9eb3321713fe39248e398910103635c08d68c5fdf1dffa83c627bbcafd6aa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ede843515485268cdb2eb05dd591db6cd62188db25805295d056ce37078e10
5964bd60441e9ad41030288f7ab1c42e6a3ee5c534924763287a8c1595f3b476
5a11a7698898cba7edb4737e2d1d556b10ab052aca9365ef0b462bf78f3c9920
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f85bf1c0f06f7d2001c671e1055cd03a38b07261b51c971d5f4904590522385
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624fcfb3cff1ea68bad06801e24d5e241c7e45858d7185ebab3b94de4f240731
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
68b02e9e0a035ffd79599b19bed758609b991d4c922b7f46dcfa6517ed9c9e36
69618a1494956d7752234a4f1ab8b328372758cbf56f7f3ccfcbddc253d75784
6a25bd1149c741b7beaf0ceccce72ba2a594dff90b71242bfe6b4ac9cd905d83
6ad301297050ee4c4f44829cb0b71c851f98b710f3c832b45b21b64ad9177f83
6ada3ee5a327db68c4bf41e0237a2ac1281ddc3b7481b045f42a598f8c046841
6af8795bcbbac59303187b7d433b91bffe951dfac6be765c3383a804178d793b
6b8199baa87dfd343d3a0bbf4d705c3e6aa5492b0116510767560c10252eedc4
6f2e6676e8ac771791e3bf7c2ec97273bbe40d2013193c6c5d752d439d28a659
70b468102099d4710c3577756be5a0de3f650dc42ac99a39e1e5612bd386ddcf
7188ac20eb2c53f42443f03697e9afb6f2d3034cab150b5c99c54aaa2ba12014
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73b6fb0b978f8ea0d1b40c1250fa30179e99d36a4dce4381d51e14bd979c9d4b
754c4cf9e7f8d5dfcaf4add60d0abae70c772e4c8c0f69155e37445a5656a4d9
76a9524b85686f781e58191dd1e8f007f89260e55ce18a215b3b8ab24173f5e3
7978460441177b43886d00d794ac6e1f23ceb79e1d701ed0718d0f18ec72beb7
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c2cdb2e5e76478fd17ba76b8fd25003652b0696fc17a7871403896be0e2f3d6
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
80c6bd0a6ff23a71f72cb8cbef1f71297d777c49e006726b24bc9880ca331ece
8241defb65626705329e2e6e6b19eeeb6738ec84f3eb1be9ac41e429bc2a6564
8265e4e2d0c56544cca08095561aa823acfc3976159d4468c21887356985236a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
847f4070489596cc07dd074e1eade2f31684c5affe739bfe11e55d3a77ca8549
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a24c597cbc3eda52f93a81afb8057c514ed99a8b79bcbfcf28f79196da52e6a
8ac1ca14f9c577606b731b8e32d5c885a157f46448c3cec74f5abdc712e42d5a
8d5c7cdfafe0a455e5e7cd606e7acbefa1e688472011953d3b6288ec560316d0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
936b123c0f4a337c56b077fd7cae0a0a4d58a88e4f4dfc514b4fec1baf2ad8c9
95a9f78175dab8d5985655a5696818f7ca60993c14dd4388b22e4139c7610c73
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97143bbc448749fc2b5becf22dd4b07939bd10428bd098e04ad215c178809704
972755983c98afbfb107d5b6da02f1eaef49d9bef146531bf655142633effb76
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bcf66e65c9276354c8addb9b0933243f1bbe6e3defd3653a3e9bce8f775e6ad
9cea4d570f86daa6f6e12419c9f9e94fe4d7e7d4976171ccbcd93ef1215780cc
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a14cb3031b5b4ec993c44a537f1016f4632c76ed441948a1a7007f869f5ce632
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b16299d0a5df077ced1c539f488357e144dcebe92da1ab311f5ab3496c429d
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7344e2195cba594b121cc0c4de2c5c2686aa9c42546a83571c165ac903cded8
a783ec3c6ac26287653f9cd32aa7c482b7eb74d2ec99aafd436760a40786244d
a860190d555ea0cfb62af8c9edc92e8447daf5b9c97837f48d99bf4638e0b3d4
ab41cfdce037c0f61ccd28dca33e140833caa31a94c27b52845797c887b7b120
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae89d4cec27f35ed5df6341f227ade0c495bd641d972adb51a1fe50754a693cd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b47cb26cc6c5b06c2eb05ca33610f6f5081f24f9608c0b92662f7d2b83c3d40f
b4e02b11142a0c1c00a664e4ba05b66a7069b66e7ee50a7f5e9ffd7412a9abb3
b4ed0763299385d25544aa45bdc0d50890c090d816abfb056b17d89e7509e9c2
b875c3331173223018e6f1ec5a0367e87aa2f530cbdab46f3236ad2305c0ade6
b8a6be2cc4a85e865a60627c58b9e1b55e76f137dd4877808bc89aef427de705
b8afd59a03bcb312667b449341fdd15f86861886ef702e46479e76805353e1d3
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
bcbca507a6ba3edb5a237cecef75c2c146afa40da9e93b4d86a1ccca54d95dac
be45eeffe221ed0b800d06a1291f053ce5ea8838276c8cd65aa1f3c20ec53afe
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c17b34145c5298cd94a9deb17dad2d3099e45103ad3014b0786abce530e12b02
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c83ea6caa2169021c7c03277ca3f60cc49bf3ecc0b7d9c91ad09a9013fe2d818
c895952f513ee38f2dafa11bc2a0692b28faf8067d5d2efc9a797369c820bb28
c924f19d91489c1b41a0afa0677d21ac63904edc222e967a32c0eed79bd3340a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb81c42c7de3d86239716c4f897b64af7e06b890f32a1eb40b6c87bff19d844d
ce65d30fa861231afa8e7b836a0db776d4d47773cebf1abc98ab0a3e04545d29
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2cf823ebd1e2d7b0649b99673b599eda7de0e6f83e2ef0d09531576709b0ec8
d43964b3c04dcd0ae6777a5d5303fcaeea833d55eae52b2269c8f0dea887a5d5
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d7860f086cdfc66e11ba5de52f71c671b537883dfb6a6f0de8a9dfe9f41c88b0
d7c91aff4f6849c4f84d7f088e17e7226001b331ebe15987d26646d9f9b089d9
d8351b1765da032d7e16776800d977b93b78a97e7e6ea84ba926ce0cadb7d650
d920c16b54246e96d7003318332f4b7260da092bdad1c2720cfee879b6894c3d
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d98f3c146304d61e34da5e04cb32b628c58b401b7c01576d6c47f8f1ca6bea02
dfa04f361b1164fd1507357a56433878b02dbb396042801b2e9c26164f386056
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e
e37dbcfee5733a2bf7373f38c01bf585f11257d7a6b575f93036a940f5527061
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e
e4f4ae405a403a37898641788347e71cbb0ffa29a5777b6ab0cfb9b5cabf26a2
e5ce2e5e3e1a5bffce24c2faee8709451a693f6e945c3e4b9e97cf435fff9f21
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea8bf757152b639724eb75efbec07c973ecc2c1eee7eb265988e939d2e065b61
eb21d172c20392fcc85472786afcd4d6814991eea434b1bf04527c3719de0f9e
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08994b70b784f24623446e579cc92b6015943a3db60f72acbe946a2cf8eddc1
f0c5b41177fc9061603faf620c6882eaa7221158cddf0f9d1164a9c4262beae0
f19830cfd5f13609c0c6013e53dee9ea7c540cfccc9bb8d454bd1010a30db4fe
f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58
f4ceb1d4625c1fb3e590c876b5275112ae98b74f12057fb2ed6942a59c695795
f8c388100eb205ea7ebf10b841e35ad5b78132ce2841f36252ef87d3eaadd734
fd77a3cad927539289590c62656a603a6028917e2edb9e7d2ef716783bcb8289