urlscan.io logo urlscan.io
SecurityTrails logo

www.correiodopovo.com.br Open in urlscan Pro
194.126.175.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lp.correiodopovo.com.br/
Effective URL: https://www.correiodopovo.com.br/
Submission Tags: krdprod
Submission: On May 20 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 11 countries across 79 domains to perform 752 HTTP transactions. The main IP is 194.126.175.195, located in Amsterdam, Netherlands and belongs to HVC-AS, US. The main domain is www.correiodopovo.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 29th 2020. Valid for: a year.
This is the only time www.correiodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.131.52.32 16509 (AMAZON-02)
1 11 189.16.116.12 4230 (CLARO S.A.)
116 194.126.175.195 29802 (HVC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
10 172.217.23.98 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
3 2.16.186.113 20940 (AKAMAI-ASN1)
1 1 2a03:2880:f22... 32934 (FACEBOOK)
1 2 2a03:2880:f22... 32934 (FACEBOOK)
1 52.1.252.251 14618 (AMAZON-AES)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
6 184.30.20.54 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f02... 32934 (FACEBOOK)
10 2a00:1450:400... 15169 (GOOGLE)
1 34.207.18.4 14618 (AMAZON-AES)
1 5 99.86.2.82 16509 (AMAZON-02)
3 2620:116:800d... 16509 (AMAZON-02)
9 151.101.13.44 54113 (FASTLY)
9 199.232.137.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
55 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
4 35.201.123.184 15169 (GOOGLE)
15 200.198.173.170 7465 (PROCERGS)
1 2600:9000:211... 16509 (AMAZON-02)
13 199.187.193.164 47043 (SMARTADSE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.23.208.81 16509 (AMAZON-02)
2 151.101.13.181 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:1b:... 54113 (FASTLY)
9 178.250.0.165 44788 (ASN-CRITE...)
9 185.184.10.30 203690 (RTB-HOUSE...)
5 2a00:1450:400... 15169 (GOOGLE)
7 34.102.185.99 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
4 52.28.203.152 16509 (AMAZON-02)
2 5 185.33.221.87 29990 (ASN-APPNEX)
2 143.204.202.97 16509 (AMAZON-02)
1 54.82.20.194 14618 (AMAZON-AES)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2600:9000:211... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
2 141.226.228.48 200478 (TABOOLA-AS)
1 3.232.160.141 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
1 2600:9000:214... 16509 (AMAZON-02)
1 2 69.173.144.139 26667 (RUBICONPR...)
14 2a00:1450:400... 15169 (GOOGLE)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 130.211.115.4 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
1 52.28.108.245 16509 (AMAZON-02)
11 36 216.58.212.130 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 34.98.64.218 15169 (GOOGLE)
1 2 184.31.88.106 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 3.126.56.137 16509 (AMAZON-02)
8 142.250.185.226 15169 (GOOGLE)
3 52.209.126.197 16509 (AMAZON-02)
4 2a02:2638::3 44788 (ASN-CRITE...)
12 213.254.244.21 36062 (DOUBLE-VE...)
4 2600:1901:0:7... 15169 (GOOGLE)
52 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 185.29.132.144 30419 (MEDIAMATH...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 18.158.181.33 16509 (AMAZON-02)
2 2 18.194.4.26 16509 (AMAZON-02)
4 4 216.52.2.39 29791 (VOXEL-DOT...)
1 1 213.19.147.45 26120 (RHYTHMONE)
1 1 213.19.147.44 26120 (RHYTHMONE)
1 142.250.184.230 15169 (GOOGLE)
8 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 2001:678:cb4:... 56396 (TURN)
1 1 159.253.128.188 36351 (SOFTLAYER)
1 1 52.222.158.53 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 151.101.114.49 54113 (FASTLY)
1 13.248.242.197 16509 (AMAZON-02)
2 2 37.157.6.253 198622 (ADFORM)
1 1 35.227.252.103 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 18.196.184.242 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
8 104.111.239.217 16625 (AKAMAI-AS)
12 46.236.13.147 24931 (DEDIPOWER)
8 52.222.149.102 16509 (AMAZON-02)
4 81.29.72.47 24931 (DEDIPOWER)
8 54.217.57.115 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
752 105
1    3.131.52.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-52-32.us-east-2.compute.amazonaws.com
lp.correiodopovo.com.br
11    189.16.116.12 (Brazil)

ASN4230 (CLARO S.A., BR)
correiodopovo.com.br
portal.correiodopovo.com.br
116    194.126.175.195 (Amsterdam, Netherlands)

ASN29802 (HVC-AS, US)
PTR: 194-126-175-195.static.hvvc.us
www.correiodopovo.com.br
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
33    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
googleads.g.doubleclick.net
adservice.google.com
3    2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com
ced.sascdn.com
tagmanager.smartadserver.com
1    2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com
wfpscripts.webspectator.com
11    2606:4700:10::6816:5a5 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.denakop.com
6    184.30.20.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-54.deploy.static.akamaitechnologies.com
barra.r7.com
cms-media-api.r7.com
snippets.r7.com
img.r7.com
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::681a:d55 (United States)

ASN13335 (CLOUDFLARENET, US)
plugins.soclminer.com.br
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    34.207.18.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-18-4.compute-1.amazonaws.com
webservices.webspectator.com
5    99.86.2.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-82.fra6.r.cloudfront.net
sb.scorecardresearch.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
9    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
9    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
c2.taboola.com
nr-events.taboola.com
trc.taboola.com
images.taboola.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
55    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
d.tailtarget.com
tags.t.tailtarget.com
15    200.198.173.170 (Pinheiro Machado, Brazil)

ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR)
PTR: wiesbaden.procergs.com.br
vacina.saude.rs.gov.br
1    2600:9000:211e:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
13    199.187.193.164 (Canada)

ASN47043 (SMARTADSERVER, CA)
www5.smartadserver.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.23.208.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-208-81.us-east-2.compute.amazonaws.com
receiver.posclick.dinamize.com
2    151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.dk
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
9    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
5    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
d.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
3    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
13    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
5    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    143.204.202.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-97.fra53.r.cloudfront.net
stg.truvidplayer.com
1    54.82.20.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-20-194.compute-1.amazonaws.com
paywall.correiodopovo.com.br
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
4    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
1    2600:9000:211e:9800:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.trvdp.com
5    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
39    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
1    3.232.160.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-160-141.compute-1.amazonaws.com
digital2.correiodopovo.com.br
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
8    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:214f:2a00:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.trvdp.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
14    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    2a02:26f0:6c00:287::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
cdn3.doubleverify.com
1    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
data.ad-score.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
31    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.28.108.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-108-245.eu-central-1.compute.amazonaws.com
d.agkn.com
36    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4200:28fe:9b27:fbc6:f054 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
4    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
3    52.209.126.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
12    213.254.244.21 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb2.doubleverify.com
tps20511.doubleverify.com
tps.doubleverify.com
tps20241.doubleverify.com
tps20226.doubleverify.com
4    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
52    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
2    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    18.158.181.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.194.4.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
8    2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    52.222.158.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-53.cdg52.r.cloudfront.net
s.ad.smaato.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ius.ctnsnet.com
1    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    18.196.184.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2607:f8b0:4023:402::78 (Sewanee, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
8    2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
12    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
8    52.222.149.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-102.cdg52.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
4    81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
8    54.217.57.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
8    2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
w-it.m-t.io
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
130 correiodopovo.com.br
lp.correiodopovo.com.br
correiodopovo.com.br
www.correiodopovo.com.br
portal.correiodopovo.com.br
paywall.correiodopovo.com.br
digital2.correiodopovo.com.br
1 MB
106 googlesyndication.com
pagead2.googlesyndication.com
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
1 MB
72 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
317 KB
52 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
1 MB
31 2mdn.net
s0.2mdn.net
707 KB
30 google.com
apis.google.com
adservice.google.com
accounts.google.com
www.google.com
233 KB
20 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb2.doubleverify.com
tps20511.doubleverify.com
tps.doubleverify.com
tps20241.doubleverify.com
tps20226.doubleverify.com
215 KB
20 taboola.com
cdn.taboola.com
c2.taboola.com
nr-events.taboola.com
trc.taboola.com
trc-events.taboola.com
images.taboola.com
259 KB
18 youtube.com
www.youtube.com
825 KB
17 googletagservices.com
www.googletagservices.com
507 KB
17 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
www.gstatic.com
csi.gstatic.com
183 KB
16 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
420 KB
16 webgains.com
track.webgains.com
diapi.webgains.com
394 KB
15 saude.rs.gov.br
vacina.saude.rs.gov.br
1 MB
15 smartadserver.com
tagmanager.smartadserver.com
www5.smartadserver.com
228 KB
12 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
19 KB
11 tailtarget.com
d.tailtarget.com
d.t.tailtarget.com
tags.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
38 KB
11 denakop.com
v3.denakop.com
75 KB
10 criteo.com
bidder.criteo.com
gum.criteo.com
1 KB
9 creativecdn.com
prebid-us.creativecdn.com
2 KB
8 m-t.io
w-it.m-t.io
861 B
8 awin1.com
www.awin1.com
6 KB
8 datatables.net
cdn.datatables.net
24 KB
7 yahoo.com
c2shb.ssp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
4 KB
7 google.de
adservice.google.de
www.google.de
925 B
6 googleadservices.com
partner.googleadservices.com
726 B
6 googletagmanager.com
www.googletagmanager.com
249 KB
6 r7.com
barra.r7.com
cms-media-api.r7.com
snippets.r7.com
img.r7.com
27 KB
6 sascdn.com
ced.sascdn.com
ced-ns.sascdn.com
creatives.sascdn.com
184 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
11 KB
5 adnxs.com
ib.adnxs.com
6 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 googleapis.com
fonts.googleapis.com
4 KB
4 cloudflare.com
cdnjs.cloudflare.com
680 KB
4 turn.com
ad.turn.com
r.turn.com
2 KB
4 lijit.com
ap.lijit.com
3 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 criteo.net
static.criteo.net
103 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 openx.net
us-u.openx.net
rtb.openx.net
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 google-analytics.com
www.google-analytics.com
19 KB
4 facebook.com
www.facebook.com
407 B
4 facebook.net
connect.facebook.net
162 KB
3 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
3 krxd.net
beacon.krxd.net
1 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
2 3lift.com
eb2.3lift.com
940 B
2 pubmatic.com
image6.pubmatic.com
1 KB
2 adform.net
c1.adform.net
1 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 teads.tv
sync.teads.tv
415 B
2 trvdp.com
go.trvdp.com
s.trvdp.com
141 KB
2 truvidplayer.com
stg.truvidplayer.com
5 KB
2 jsdelivr.net
cdn.jsdelivr.net
6 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 webspectator.com
wfpscripts.webspectator.com
webservices.webspectator.com
3 KB
1 dotomi.com
dclk-match.dotomi.com
104 B
1 adsrvr.org
match.adsrvr.org
265 B
1 everesttech.net
sync-tm.everesttech.net
538 B
1 ctnsnet.com
ius.ctnsnet.com
491 B
1 smaato.net
s.ad.smaato.net
430 B
1 simpli.fi
um.simpli.fi
712 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
582 B
1 1rx.io
sync.1rx.io
697 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 agkn.com
d.agkn.com
660 B
1 ad-score.com
data.ad-score.com
733 B
1 ytimg.com
i.ytimg.com
58 KB
1 ggpht.com
yt3.ggpht.com
2 KB
1 google.dk
adservice.google.dk
799 B
1 dinamize.com
receiver.posclick.dinamize.com
24 KB
1 quantcount.com
rules.quantcount.com
427 B
1 navdmp.com
tag.navdmp.com
3 KB
1 soclminer.com.br
plugins.soclminer.com.br
32 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
752 79
Domain Requested by
116 www.correiodopovo.com.br www.correiodopovo.com.br
59 pagead2.googlesyndication.com www.correiodopovo.com.br
pagead2.googlesyndication.com
ced-ns.sascdn.com
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
39 tpc.googlesyndication.com securepubads.g.doubleclick.net
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
36 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
www.correiodopovo.com.br
31 s0.2mdn.net www.correiodopovo.com.br
s0.2mdn.net
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
24 assets.ad4m.at as.ad4m.at
21 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
www.correiodopovo.com.br
20 ad4m.at googleads.g.doubleclick.net
ad4m.at
18 www.youtube.com www.correiodopovo.com.br
www.youtube.com
apis.google.com
17 www.googletagservices.com pagead2.googlesyndication.com
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
cdn.doubleverify.com
www.googletagservices.com
15 vacina.saude.rs.gov.br www.correiodopovo.com.br
vacina.saude.rs.gov.br
13 www5.smartadserver.com ced.sascdn.com
www.correiodopovo.com.br
12 track.webgains.com as.ad4m.at
track.webgains.com
analytics.webgains.io
11 v3.denakop.com www.correiodopovo.com.br
v3.denakop.com
10 www.google.com www.correiodopovo.com.br
www.youtube.com
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 apis.google.com www.correiodopovo.com.br
apis.google.com
accounts.google.com
www.youtube.com
10 portal.correiodopovo.com.br www.correiodopovo.com.br
9 prebid-us.creativecdn.com tagmanager.smartadserver.com
v3.denakop.com
9 bidder.criteo.com tagmanager.smartadserver.com
v3.denakop.com
9 cdn.taboola.com www.correiodopovo.com.br
cdn.taboola.com
8 w-it.m-t.io analytics-wg.webgains.io
8 api.webgains.io analytics.webgains.io
8 www.awin1.com as.ad4m.at
8 as.ad4m.at ad4m.at
as.ad4m.at
8 cdn.datatables.net vacina.saude.rs.gov.br
8 googleads4.g.doubleclick.net www.correiodopovo.com.br
ad.doubleclick.net
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
7 cdn.doubleverify.com 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
cdn.doubleverify.com
www.correiodopovo.com.br
ad.doubleclick.net
7 ssl.gstatic.com accounts.google.com
www.correiodopovo.com.br
7 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 adservice.google.de pagead2.googlesyndication.com
6 partner.googleadservices.com pagead2.googlesyndication.com
6 www.googletagmanager.com www.correiodopovo.com.br
www.googletagmanager.com
paywall.correiodopovo.com.br
vacina.saude.rs.gov.br
tags.t.tailtarget.com
5 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ib.adnxs.com 2 redirects v3.denakop.com
googleads.g.doubleclick.net
5 sb.scorecardresearch.com 1 redirects wfpscripts.webspectator.com
www.correiodopovo.com.br
5 fonts.googleapis.com www.correiodopovo.com.br
vacina.saude.rs.gov.br
4 analytics-wg.webgains.io analytics.webgains.io
4 diapi.webgains.com track.webgains.com
4 analytics.webgains.io track.webgains.com
4 cdnjs.cloudflare.com vacina.saude.rs.gov.br
4 ad4mat.net ad4m.at
4 static-de.ad4mat.net ad4m.at
4 ap.lijit.com 4 redirects
4 x.bidswitch.net 4 redirects
4 prod-rtb.ad4mat.net www.correiodopovo.com.br
4 static.criteo.net v3.denakop.com
static.criteo.net
tagmanager.smartadserver.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 images.taboola.com www.correiodopovo.com.br
4 creatives.sascdn.com www.correiodopovo.com.br
4 c2shb.ssp.yahoo.com v3.denakop.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.facebook.com www.correiodopovo.com.br
connect.facebook.net
4 connect.facebook.net www.correiodopovo.com.br
connect.facebook.net
4 securepubads.g.doubleclick.net www.correiodopovo.com.br
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3 ade.googlesyndication.com
3 tps20226.doubleverify.com cdn.doubleverify.com
3 tps20241.doubleverify.com cdn.doubleverify.com
3 tps20511.doubleverify.com 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
www.correiodopovo.com.br
3 beacon.krxd.net 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
www.correiodopovo.com.br
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 accounts.google.com apis.google.com
ssl.gstatic.com
3 d.tailtarget.com v3.denakop.com
www.correiodopovo.com.br
d.tailtarget.com
3 barra.r7.com www.correiodopovo.com.br
2 b.t.tailtarget.com d.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com d.tailtarget.com
2 tps.doubleverify.com cdn.doubleverify.com
2 eb2.3lift.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 r.turn.com googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 sync.mathtag.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 trc-events.taboola.com www.correiodopovo.com.br
2 trc.taboola.com cdn.taboola.com
2 platform.twitter.com www.correiodopovo.com.br
platform.twitter.com
2 eus.rubiconproject.com www5.smartadserver.com
eus.rubiconproject.com
2 stg.truvidplayer.com www.correiodopovo.com.br
go.trvdp.com
2 nr-events.taboola.com c2.taboola.com
www.correiodopovo.com.br
2 cdn.jsdelivr.net tagmanager.smartadserver.com
vacina.saude.rs.gov.br
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 www.instagram.com 1 redirects www.correiodopovo.com.br
2 tagmanager.smartadserver.com www.correiodopovo.com.br
tagmanager.smartadserver.com
1 t.tailtarget.com
1 cm.t.tailtarget.com
1 gum.criteo.com static.criteo.net
1 csi.gstatic.com securepubads.g.doubleclick.net
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 rtb.openx.net 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 um.simpli.fi 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 rtb2.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 partners.tremorhub.com googleads.g.doubleclick.net
1 d.agkn.com 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
1 www.gstatic.com www.youtube.com
1 data.ad-score.com s.trvdp.com
1 token.rubiconproject.com eus.rubiconproject.com
1 s.trvdp.com go.trvdp.com
1 syndication.twitter.com platform.twitter.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.de www.correiodopovo.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 digital2.correiodopovo.com.br portal.correiodopovo.com.br
1 adservice.google.dk securepubads.g.doubleclick.net
1 img.r7.com www.correiodopovo.com.br
1 go.trvdp.com stg.truvidplayer.com
1 snippets.r7.com barra.r7.com
1 tags.t.tailtarget.com www.correiodopovo.com.br
1 ced-ns.sascdn.com www5.smartadserver.com
1 secure-assets.rubiconproject.com 1 redirects
1 paywall.correiodopovo.com.br www.correiodopovo.com.br
1 d.t.tailtarget.com d.tailtarget.com
1 pixel.quantserve.com www.correiodopovo.com.br
1 receiver.posclick.dinamize.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 cms-media-api.r7.com barra.r7.com
1 c2.taboola.com www.correiodopovo.com.br
1 secure.quantserve.com wfpscripts.webspectator.com
1 webservices.webspectator.com wfpscripts.webspectator.com
1 tag.navdmp.com www.correiodopovo.com.br
1 plugins.soclminer.com.br www.correiodopovo.com.br
1 wfpscripts.webspectator.com www.correiodopovo.com.br
1 platform.instagram.com 1 redirects
1 ced.sascdn.com www.correiodopovo.com.br
1 correiodopovo.com.br 1 redirects
1 lp.correiodopovo.com.br 1 redirects
0 google2waycm.netmng.com Failed googleads.g.doubleclick.net
752 145
Subject Issuer Validity Valid
*.correiodopovo.com.br
Go Daddy Secure Certificate Authority - G2		 2020-07-29 -
2021-07-29		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.smartadserver.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.webspectator.com
Go Daddy Secure Certificate Authority - G2		 2020-05-12 -
2021-07-11		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2021-01-14 -
2022-01-13		 a year crt.sh
*.r7.com
DigiCert SHA2 Secure Server CA		 2021-02-26 -
2022-03-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-18 -
2021-07-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-30 -
2021-05-30		 a year crt.sh
*.saude.rs.gov.br
AlphaSSL CA - SHA256 - G2		 2020-11-12 -
2021-12-14		 a year crt.sh
receiver.posclick.dinamize.com
R3		 2021-05-13 -
2021-08-11		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
accounts.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.truvidplayer.com
Amazon		 2021-02-17 -
2022-03-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.trvdp.com
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
*.google.dk
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
teads.tv
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-20 -
2021-06-08		 2 years crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh

This page contains 77 frames:

Primary Page: https://www.correiodopovo.com.br/
Frame ID: ECFC500A36E7A9C2DC89770115B46EDA
Requests: 303 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 2C4E9C6FE2563710FE66C012C7D97BA6
Requests: 1 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 63D935FD9DFB6425CF1ABAD63E0D7A50
Requests: 2 HTTP requests in this frame

Frame: https://vacina.saude.rs.gov.br/
Frame ID: D6C412C17DAA536C001A3F56CB91B5CC
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1621516772&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516772018&bpp=5&bdt=518&idt=309&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2101811417430&frm=20&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516772&ga_hid=1177652325&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066434%2C21065724%2C31060840&oid=3&pvsid=1397360267801707&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 0B4486048F217C603131AF4F1E11F931
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 395BC79B42490F4BDD903B4F281ADF5D
Requests: 4 HTTP requests in this frame

Frame: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Frame ID: 8B4748982486F54FCDF144AC82A24A5B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: A0AACA82E440EF6E109390E865507287
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 6067B3607B4F3570DA586516EBBEDED1
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Frame ID: FE17DEE48048DD532264A549075445B2
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Frame ID: 31D4FAF3D1E3B4089857B78C9C50138F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F383BC5F49366F9B8D6D5AD1364E05B1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 475A510FAA374C3C75F3B3D8DAA01A4E
Requests: 9 HTTP requests in this frame

Frame: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6DD061AC496D9C9AB6E6E2CF4563D80A
Requests: 16 HTTP requests in this frame

Frame: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D4B620DF7B8B91CBA708E3EA1C2055D
Requests: 15 HTTP requests in this frame

Frame: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 999D3B06AE2E8A0338FBD64CAB38E90B
Requests: 16 HTTP requests in this frame

Frame: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5BD74A99C2EA7C87658EEBCCD2555917
Requests: 31 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E2881820A61F82058AB96A9BB1335853
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Frame ID: A65E1E98485E21894A4F9761A23DE9A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: A35692E934F6E82A37C237AE14DD4EB0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0E6692FB70F5856326F4F1052962C755
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5292FA5D0A5326B1F397C3FB50CCF9F4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Frame ID: DF078115E063BBD0D6C4F921352A8010
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Frame ID: BE8458DE0DB813487123567B1D312563
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
Frame ID: F1F8705195A1F70D831C84A4ED03040D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNWSMba3Pzb6Ww4p2PoNyQ5fPCVYwkLnu9OJ5qqbXfYdCVJYzuQxmXcxyLwvzmnVC2y14UNP1UOWqiC3M6GmYzLWck-w6VXFDkIwf689hhkAdEUp9u4FHfnqMNNnA4ruTfm3Q-2yRLiN6Z3y-hU-5RRxQUOTgOjIaglP7hznbbNGsmbi1tvMPiRfz6kpplonT3HdIVvfsNG1o7E4KQK9W6SLh6oQBPECeqe9nRtq6B2Sja-JGl4
Frame ID: 594612C7D6A5F410D49349F633B96C4F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Frame ID: 50A50ABD102B6419CA72034646F0BB69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Frame ID: CBE82EDCC56FA75FCC4F34875D5749C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Frame ID: 4CD9D0AC29816475BEAE799C17389EE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381804&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774452&bpp=4&bdt=250&idt=230&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=520796976&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8454&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&oid=3&pvsid=2169756935432292&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eyh0xjq9j56y&btvi=1&fsb=1&dtd=248
Frame ID: 78754E916DE98D6553E60C6BC89A8E4F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: F62AC33BDC1C2D978121AFDB158C9F2A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AEFC22105329AF1FD18B83812DA4150C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Frame ID: 049B2C030C8E2AFDFC67307795B8773D
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Frame ID: 62381A3D05FB35FB08D1BFD04E3F4670
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Frame ID: DE8D4E9FFF83E8A2F494FB20866E0FD8
Requests: 8 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 753B7330882C038DA8EB8DD6585F9233
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 8415C3258E44B9AC2E6C3F02ECC4459C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C5EbR5mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvAFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b98nH5sI31SwOzZ2nExrixXAZC4AG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=hUdvtkvuB6I
Frame ID: B2BA006F1AD6AA6C5AD3FD8657C41B2B
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: 5085732E3E021A30EB1634DA4DFFF63E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA88DE027C02069F0FEB569AC121FB20
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8F592E24228BEA56D8752B2B6CFA0545
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A25E57AB087B82942685FD6A8E952DF5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F4D5C6CDA16B2500FFF3A95D4E7883A5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSGeX5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEuwFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1X6R5pyND48OmJsRITTth7hs2gAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=dhlG2AIspOw
Frame ID: 00EED664A8BB31F9F43DEE622D4932E6
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: 0D12C92E927C6BFFE405D94B666A0132
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45F3CC6DFCAC9A3D1CA1798A6D81D618
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COCC65mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvAFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7Lx24O4Oq-cBhTYw9U2ISe-qjW4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=L_FDERKIpdk
Frame ID: 464A78479276B4EC7EECE30BAF231B51
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: DB5F01FAD1A7357DF4E518F85D4B5DF8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC6D6698F19324686FBE667982975653
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C4hVj52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvAFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0TLuVkYwZEK4xM5QvFNyjjoeFYAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=gzMp6PFbW2A
Frame ID: 2F55531981EB1C0B9D63EDD220D8AF7D
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: 404550B887D1031C7499EAFEF896EB5C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD04C22A0EFD09C3D042B7079274218C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6EEADFA7636FA60A1BB9C0C5491DAFC5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2C6118D988A3E7B52ED229DEC24AA90F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1378.js
Frame ID: A91B3B62FB79AD7277864910C89D4450
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1378.js
Frame ID: 15953CEE4E96E73B993D611030135BCD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B3FBF5E633AB39AEC08B5615C29B455
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BF4F4C8B1E71BE5DA7CCADB9678DA8EC
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 854BC7076C256EC507837AFFA82D78AF
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: C8C2CA28D6A83A6B6773B645B5B28E62
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 2A71BBCF39A40F788C61EA17D1DF9452
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: FA21E2E0919CD5544BD83224697ABB84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 77E61F913B4D17270FE3A5491BA8BD3F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C6607E9E064312DA49387F3D9C696EE4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 626A3DD364D117CB73ED5CDDF697F64F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9447B7B3340E66820406C9AB86A6B5C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A418C24307579256A6CABF177E4F5F5E
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 2EC182E256B3293BE749F4E3177B14B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 76AB841F9F09B267613A827BEFF6E36B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5EBE120E7BEFF98B80A9B5877C3B3AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 45E8E6F5BEBFB8362F90DDBED4A8FEA9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.correiodopovo.com.br
Frame ID: 446E8B06DB9DE9DA7402778B0146F2BD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: E065AF85B36B4FD8573CEDFE5729BC15
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: 2FDFF7F4B044FCF8E5F1D52D1C17278F
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: A2A732AEFF520F64AE677C21E19D567A
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E5BA5B20EC12B0BFA1EA404BD34A669D
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: 63CFE1123A1205EB81649FCB7DC2BC67
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://lp.correiodopovo.com.br/ HTTP 302
    http://correiodopovo.com.br/ HTTP 302
    https://www.correiodopovo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

752
Requests

100 %
HTTPS

49 %
IPv6

79
Domains

145
Subdomains

105
IPs

11
Countries

11468 kB
Transfer

28785 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lp.correiodopovo.com.br/ HTTP 302
    http://correiodopovo.com.br/ HTTP 302
    https://www.correiodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 157
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Request Chain 198
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Request Chain 298
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 392
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxVPGFwt4AOhOf7y-wJZRs&google_cver=1
Request Chain 393
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKZh5gPPw5NBQVHCYkwjnAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMpyWnGtNMUO-XDbbbPhHU&google_cver=1
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI7q4fsNnlHxAP6C8TKVWeU&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI7q4fsNnlHxAP6C8TKVWeU%26google_cver%3D1
Request Chain 395
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D&google_tc=
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKH1vuOXU8guNzCOOpD6Tts&google_cver=1
Request Chain 397
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTI4NzljYzEtZmEyZC0yZTMxLWUzNzUtZDkzYzhjMmE4M2Mz
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGwHMwUV1s7mSjQq8L6wL4w&google_cver=1
Request Chain 399
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBkYWQxYThhMjM5NzJiNThlODBiZjRkNGE0MjgyNDYwOGRmYmI3ZQ==
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEHe6vduvpUezV3A5awty1DI&google_cver=1
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1&__user_check__=1&sync_id=054e5eef-b96e-11eb-beee-1365eaaf0106
Request Chain 402
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=053fdbef-b96e-11eb-94c9-1d66682b0206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDUzZmRiOWUtYjk2ZS0xMWViLTk0YzktMWQ2NjY4MmIwMjA2
Request Chain 405
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01OG9MQzBGRTJ1RTdObFNkZGJLSGlOa1pkajlBN2pnSH5B
Request Chain 473
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJSIa-XrBEJ0DEn7mHylepk&google_cver=1&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6FvlY2yl35nQIsR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6FvlY2yl35nQIsR
Request Chain 474
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 475
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c787d56b-a100-45f1-92ac-91313da5bd4c&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi&google_hm=90AEG0tAROaUfpIRul0HjQ==
Request Chain 476
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGIx8YgkbJIBV92buPUg7I&google_cver=1&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn43kv7A2lT8CA4u5atsLiXYYB9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09XWDdaSjMtMTYtNjY5&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn43kv7A2lT8CA4u5atsLiXYYB9
Request Chain 477
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ&google_hm=94a06784895f4b46675d815a
Request Chain 478
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAVgHcMP8TXohS_n10fnX8Q&google_cver=1&google_push=AQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-02dfb8e3-1a47-4eac-8f32-d65624cba6c6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U%26google_hm%3DAwLfuOMaR06sjzLWViTLpsY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U&google_hm=AwLfuOMaR06sjzLWViTLpsY
Request Chain 524
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKQXFudG_gZUvCz8TOxXvyY&google_cver=1&google_push=AQvitUIUW9x8BoZSSiwKZBdsVAvrmPKdcEPhYexn6h-oC_9AiEN31NwuF49YYTvuvyFpmdb92p5s3zzmrcx7dLKxVFF-9-2WMgrA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NjA3MTQ4MjM4MzIwNzEzMg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
Request Chain 525
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJSIa-XrBEJ0DEn7mHylepk&google_cver=1&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-5YlBTd341Ew8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=HglgpmHnQgCjxyyGkLMlSQ&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-5YlBTd341Ew8
Request Chain 527
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOHfATGqmIQsdC8iMIzSQE&google_cver=1&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8_DQZgZPfSg9M9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=420356B4CE5F4A4EB08DC5EBFC3F19D8&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8_DQZgZPfSg9M9
Request Chain 528
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIh_GzXHgI_LifuJUGW_lKY&google_cver=1&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu7P1Wxy4CP5gv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu7P1Wxy4CP5gv
Request Chain 529
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEAQe5r8psGXQsLxO62XzKFc&google_cver=1&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zTgvfyTLFbE7bY-urHSIcfdcJziJEAitkbWBnA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zTgvfyTLFbE7bY-urHSIcfdcJziJEAitkbWBnA&google_hm=tSO2-3GLT8q1yakxd3M1Q8Q
Request Chain 544
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKQXFudG_gZUvCz8TOxXvyY&google_cver=1&google_push=AQvitUKD7rxefU5jbwM7yZII5fYA07gDQDZ_B23RUvBWmWH0z2km-qJGzV36WpXCj3_StHtAVhz7LJOBHuWtNtCwrnq5aE3XDDSx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NjA3MTQ4MjM4MzIwNzEzMg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
Request Chain 545
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESED1XqDx-laxomsYwhtTfEow&google_cver=1&google_push=AQvitUIliFOnZNch78DnF44-ONtnYeGOKUu1J5LHqC3VT4HbdUjsXWe9SYKDlXw7vlmXKI8v-hqyeUYv9GEq4vmDlIcggrM1oT-N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED1XqDx-laxomsYwhtTfEow&google_push=AQvitUIliFOnZNch78DnF44-ONtnYeGOKUu1J5LHqC3VT4HbdUjsXWe9SYKDlXw7vlmXKI8v-hqyeUYv9GEq4vmDlIcggrM1oT-N
Request Chain 547
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6ZOAXeAz2EdPixnf6w_6w&google_cver=1&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s94QjD3qJlORFr442Q0o HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6ZOAXeAz2EdPixnf6w_6w&google_cver=1&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s94QjD3qJlORFr442Q0o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzMDUzNzMzMTcyNjUxNjI5NQ&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s94QjD3qJlORFr442Q0o
Request Chain 548
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIScqWCZxQL-IFDNoO3KxnI&google_cver=1&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf&google_hm=ob7FN5rcybsQ4c8yldF3GQ==
Request Chain 549
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELJL--FR5kZ6WYw4vyP69T0&google_cver=1&google_push=AQvitUJOeXYh6ByQYdHU4BbZCgJdO3kMvkGcPU1XwDf8tu9V7IfQpeD2DA-2ZFovudWPe2vpdoAfHGjMu7me-pIOQGRRtpvineIV HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELJL--FR5kZ6WYw4vyP69T0&google_cver=1&google_push=AQvitUJOeXYh6ByQYdHU4BbZCgJdO3kMvkGcPU1XwDf8tu9V7IfQpeD2DA-2ZFovudWPe2vpdoAfHGjMu7me-pIOQGRRtpvineIV&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHZXA7HMRvObilFIg4B1Ug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJOeXYh6ByQYdHU4BbZCgJdO3kMvkGcPU1XwDf8tu9V7IfQpeD2DA-2ZFovudWPe2vpdoAfHGjMu7me-pIOQGRRtpvineIV
Request Chain 550
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_tc=
Request Chain 569
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCcr78sLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCcr78sLw&google_hm=90AEG0tAROaUfpIRul0HjQ==
Request Chain 571
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w&google_hm=94a06784895f4b46675d815a
Request Chain 572
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOncd3MKQlD05XSUr4aBvW4&google_cver=1&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk&google_gid=CAESEOncd3MKQlD05XSUr4aBvW4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE5NjY0MzU3MzY2NTI5MzIwMA%3D%3D&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk
Request Chain 735
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESED46TudaPOUKpUZoVQg8XwI&google_cver=1&google_ula=862479430,0

752 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.correiodopovo.com.br/
Redirect Chain
  • https://lp.correiodopovo.com.br/
  • http://correiodopovo.com.br/
  • https://www.correiodopovo.com.br/
295 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
40d749f0ffb80b848ded5b88e9e3884d4f3688891bce6cf38703e704b72c2585

Request headers

:method
GET
:authority
www.correiodopovo.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-type
text/html;charset=utf-8
content-length
47263
vary
Accept-Encoding
server
nginx/1.12.2
cache-control
max-age=240
expires
Thu, 20 May 2021 13:23:31 GMT
x-cacheable
YES
x-cache-rule
YES with ttl: 60.000 /
content-encoding
gzip
age
8
x-cache
HIT
v
5
accept-ranges
bytes

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.correiodopovo.com.br
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:30 GMT
Content-Length
149
css2
fonts.googleapis.com/ 		5 KB
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bbc9cabb74840a85dbdb6dc7dd227f1a7745600b530cd305c1bdcd66165f267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 13:19:31 GMT
server
ESF
date
Thu, 20 May 2021 13:19:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 13:19:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
2de2bd744687ffddede21f482ccfcc62aafc0e457a7fbee48ee8135b45f66c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"877 / 500 of 1000 / last-modified: 1621509323"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21324
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47950
x-xss-protection
0
server
cafe
etag
4501822382306722350
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:31 GMT
smart.js
ced.sascdn.com/tag/1320/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1320/smart.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4604f95a3781457d2bedcbb3a52f52ee1c619befbd16344e750b2e028d7b5991

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=147
Content-Length
11374
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
smart.prebid.js
tagmanager.smartadserver.com/1320/71754/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
64872f9d07c6c4a91d9e1febf7e3908b8637c88e31e409786a34a616ff8a7d27

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 11:26:21 GMT
Server
Apache/2.4.25 (Debian)
ETag
"3a25-5b437a5cc34e7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=365
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3506
Expires
Thu, 20 May 2021 13:25:37 GMT
css
fonts.googleapis.com/ 		2 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:20:43 GMT
server
ESF
date
Thu, 20 May 2021 13:19:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 13:19:31 GMT
css
fonts.googleapis.com/ 		13 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 13:03:28 GMT
server
ESF
date
Thu, 20 May 2021 13:19:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 13:19:31 GMT
bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

:path
/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
3
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18137
expires
Sat, 19 Jun 2021 13:19:31 GMT
belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/belamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

:path
/polopoly_fs/3.232526.1615315562!/belamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.232526.1615315562!/belamais.css
last-modified
Tue, 09 Mar 2021 18:46:03 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		146 B
378 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

:path
/polopoly_fs/3.194.1594145527!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/style.css
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		865 B
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

:path
/polopoly_fs/3.302.1615315537!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/style.css
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		310 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

:path
/polopoly_fs/3.259.1551461019!/comments.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/comments.css
last-modified
Fri, 01 Mar 2019 17:23:40 GMT
server
nginx/1.12.2
age
3
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
197
expires
Sat, 19 Jun 2021 13:19:31 GMT
video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

:path
/polopoly_fs/3.256.1551461012!/video-js.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video-js.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		561 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
3
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
339
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/ 		2 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

:path
/polopoly_fs/3.237.1615315513!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.237.1615315513!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:13 GMT
server
nginx/1.12.2
age
24
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
463
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/ 		39 B
349 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

:path
/polopoly_fs/3.234.1615315510!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.234.1615315510!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:11 GMT
server
nginx/1.12.2
age
25
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
59
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/ 		38 B
327 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

:path
/polopoly_fs/3.231.1615315500!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:06 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1388
expires
Sat, 19 Jun 2021 13:19:31 GMT
tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		1 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
564
expires
Sat, 19 Jun 2021 13:19:31 GMT
owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1096
expires
Sat, 19 Jun 2021 13:19:31 GMT
owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
902
expires
Sat, 19 Jun 2021 13:19:31 GMT
social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		46 B
335 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.css
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/bootstrap-social.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

:path
/polopoly_fs/3.212.1615315469!/bootstrap-social.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/bootstrap-social.css
last-modified
Tue, 09 Mar 2021 18:44:29 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
2
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2844
expires
Sat, 19 Jun 2021 13:19:31 GMT
fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		738 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
2
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
302
expires
Sat, 19 Jun 2021 13:19:31 GMT
SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		1 KB
759 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.css
last-modified
Tue, 09 Mar 2021 18:44:19 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		909 B
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

:path
/polopoly_fs/3.197.1615315455!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/style.css
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/ 		110 B
397 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

:path
/polopoly_fs/3.184.1615315445!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.184.1615315445!/style.css
last-modified
Tue, 09 Mar 2021 18:44:06 GMT
server
nginx/1.12.2
age
18
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
111
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/ 		857 B
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

:path
/polopoly_fs/3.178.1615315437!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.178.1615315437!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:57 GMT
server
nginx/1.12.2
age
32
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
273
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/ 		456 B
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

:path
/polopoly_fs/3.175.1615315435!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.175.1615315435!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:55 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/ 		398 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
133
expires
Sat, 19 Jun 2021 13:19:31 GMT
fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/ 		244 B
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
last-modified
Tue, 09 Mar 2021 18:43:44 GMT
server
nginx/1.12.2
age
42
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
140
expires
Sat, 19 Jun 2021 13:19:31 GMT
stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/stylenovo.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

:path
/polopoly_fs/3.163.1615315420!/stylenovo.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/stylenovo.css
last-modified
Tue, 09 Mar 2021 18:43:45 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		140 B
388 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

:path
/polopoly_fs/3.153.1615315412!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/style.css
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/ 		470 B
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

:path
/polopoly_fs/3.150.1615315409!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.150.1615315409!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:29 GMT
server
nginx/1.12.2
age
54
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
261
expires
Sat, 19 Jun 2021 13:19:31 GMT
autotrack.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/autotrack.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

:path
/polopoly_fs/3.137.1615315402!/autotrack.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/autotrack.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
62
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7269
expires
Sat, 19 Jun 2021 13:19:31 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
jquery-1.11.0.min.js
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path
/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
last-modified
Fri, 01 Mar 2019 17:19:16 GMT
server
nginx/1.12.2
age
39
vary
Accept-Encoding User-Agent
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33417
expires
Sat, 19 Jun 2021 13:19:31 GMT
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:12:53 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Thu, 20 May 2021 13:19:31 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
vll
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
patrocinio-topo-7.22393
www.correiodopovo.com.br/cmlink/ 		581 B
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/patrocinio-topo-7.22393
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
f9b29e7257cfb5e783e10b78557c63f08b5fe7766a6dcb327d759d4fc91904ab

Request headers

:path
/cmlink/patrocinio-topo-7.22393
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/patrocinio-topo-7.22393
last-modified
Sat, 03 Apr 2021 13:36:32 GMT
server
nginx/1.12.2
age
50
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
303
expires
Thu, 20 May 2021 13:23:31 GMT
eleicao3-o-7.22099
www.correiodopovo.com.br/cmlink/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/eleicao3-o-7.22099
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
f7c79cdfc8317fd3bb217ed0e5c96b3d6d60ac583ce428f71b4e0e3aec776273

Request headers

:path
/cmlink/eleicao3-o-7.22099
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/eleicao3-o-7.22099
last-modified
Fri, 13 Nov 2020 12:20:54 GMT
server
nginx/1.12.2
age
64
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
1659
expires
Thu, 20 May 2021 13:23:31 GMT
grid-n-7.21805
www.correiodopovo.com.br/cmlink/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/grid-n-7.21805
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
7eb8885efae2977beda6754183d187ebf2b43c928d5bf0d0875c3a12a54454ae

Request headers

:path
/cmlink/grid-n-7.21805
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/grid-n-7.21805
last-modified
Tue, 08 Dec 2020 11:08:53 GMT
server
nginx/1.12.2
age
0
x-cacheable
YES
vary
Accept-Encoding
x-cache
MISS
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
expires
Thu, 20 May 2021 13:23:31 GMT
cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 		748 B
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7

Request headers

:path
/cmlink/cssbellamais-7.21806
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/cssbellamais-7.21806
last-modified
Wed, 30 Sep 2020 20:24:59 GMT
server
nginx/1.12.2
age
30
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
285
expires
Thu, 20 May 2021 13:23:31 GMT
com.atex.gong.paywall.membership.js
www.correiodopovo.com.br/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

:path
/js/com.atex.gong.paywall.membership.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 86400.000 /js/com.atex.gong.paywall.membership.js
last-modified
Thu, 04 Oct 2018 03:33:34 GMT
server
nginx/1.12.2
age
2
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2011
expires
Sat, 19 Jun 2021 13:19:31 GMT
ws-GTAYHGT2.js
wfpscripts.webspectator.com/bootstrap/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-252-251.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 16:04:01 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=31536000
denakop.js
v3.denakop.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/denakop.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1642
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b877a44000016ea31098000000001
last-modified
Wed, 28 Apr 2021 18:55:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6089afab-cdf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
6525db706a8216ea-FRA
cf-bgj
minify
barra.js
barra.r7.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/barra.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:28 GMT
server
AkamaiNetStorage
etag
"703e196e3c0da18c7b8365fb7bd025d7:1618419748.848626"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=390988
accept-ranges
bytes
content-length
8872
Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e0743667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3706
Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e99a3667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
15396
linkedin.png
portal.correiodopovo.com.br/imagens/social/ 		347 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 28 Aug 2020 14:48:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"282b6474a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
347
instagram.png
portal.correiodopovo.com.br/imagens/social/ 		676 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 28 Aug 2020 14:48:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a8a1ae4d4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
676
facebook.png
portal.correiodopovo.com.br/imagens/social/ 		295 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 28 Aug 2020 14:48:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"dfbde25b4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
295
youtube.png
portal.correiodopovo.com.br/imagens/social/ 		382 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 28 Aug 2020 14:49:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e2d595674a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
382
twitter.png
portal.correiodopovo.com.br/imagens/social/ 		484 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 28 Aug 2020 14:49:09 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e73b13634a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
484
gtm.js
www.googletagmanager.com/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2223ba3cdce251b5827734b4b97a3f918fc8829688dc351eb00b47f410a36ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34628
x-xss-protection
0
last-modified
Thu, 20 May 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 May 2021 13:19:31 GMT
all.min.js
plugins.soclminer.com.br/v3/sdk/ 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15037
x-amz-request-id
60TRXWSBGQM310BK
x-amz-id-2
EJZu3UUbXA7h7NED8H8yX15+RQLh8+0s8gxHdK6dt2F9RQpXrY6YW3HFk9PXuNc37A2d/4Tj1+E=
last-modified
Tue, 27 Apr 2021 23:29:34 GMT
server
cloudflare
etag
W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p1TzqVAnK85Ngfmk3O0cXQ7c7DeYjj3r%2BK7F2gVsMpFjZc9F%2BsOvmbJKzOF%2FCmVLWKuGExmctoE5K%2B4eiQql97Q7bfw5ZX1U7cmDp6NKclTK6HCzDCxNQoTHf61SXf8iqwWSbKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-request-id
0a2b877aa900002bd2ffb79000000001
cf-ray
6525db710e192bd2-FRA
universal.min.js
tag.navdmp.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
0a2b877a9f00002c22b4209000000001
last-modified
Mon, 26 Apr 2021 21:14:53 GMT
server
cloudflare
etag
W/"60872d4d-1f5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6525db70fb052c22-FRA
expires
Thu, 20 May 2021 14:19:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
H3yGKs1OWxOharu9jZSrzw+QCME7wS1e03yibOKU0vwnBvybpZFvKZizmte4f7TIBN7x1Tuo3TRitzxThPmRIA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 20 May 2021 13:19:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
24267
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4874
expires
Sat, 19 Jun 2021 13:19:31 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
20789
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4136
expires
Sat, 19 Jun 2021 13:19:31 GMT
bella_preto.png
portal.correiodopovo.com.br/imagens/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/bella_preto.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Mon, 28 Sep 2020 22:24:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c02610e695d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
40820
platform.js
apis.google.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
image.jpg
www.correiodopovo.com.br/image/policy:1.622782:1621512874/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622782:1621512874/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
c7d5f6634a0f8fce8d15073fe52566a01f8d0b18821728cb2372f6defbabad7a

Request headers

:path
/image/policy:1.622782:1621512874/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
9070
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
10152
expires
Sat, 19 Jun 2021 13:19:31 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.622802:1621515519/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622802:1621515519/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d0eed6847355ded30be066907ce2a995bf769371745fa0f6d5c80007271c2d90

Request headers

:path
/image/policy:1.622802:1621515519/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
17661
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
24746
expires
Sat, 19 Jun 2021 13:19:31 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.621547:1621345802/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.621547:1621345802/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
4753680a0b899df277d3af917c4f23001db8938d16f4d0873c6ae10d2cdb6399

Request headers

:path
/image/policy:1.621547:1621345802/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
7851
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
8328
expires
Sat, 19 Jun 2021 13:19:31 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.622797:1621514765/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622797:1621514765/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
302edabe4f3cfa2f63114b093892010d48ebd3403da5a033e8f19e7ebceb0101

Request headers

:path
/image/policy:1.622797:1621514765/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
5911
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
5248
expires
Sat, 19 Jun 2021 13:19:31 GMT
image.jpeg
www.correiodopovo.com.br/image/policy:1.622804:1621515802/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622804:1621515802/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b87fd5ecb8d9b1c33f0a6ba0687b5ef3e3767d7a1f95f157dbf31f8d5b015f3f

Request headers

:path
/image/policy:1.622804:1621515802/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
server
Azion IMS
x-original-image-size
7804
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
7876
expires
Sat, 19 Jun 2021 13:19:31 GMT
Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Mon, 21 Sep 2020 16:18:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b593d53290d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35024
bootstrap.min.js
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

:path
/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
1
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8536
expires
Sat, 19 Jun 2021 13:19:31 GMT
Imager.min.js
www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/Imager.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

:path
/polopoly_fs/3.159.1615315419!/Imager.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.159.1615315419!/Imager.min.js
last-modified
Tue, 09 Mar 2021 18:43:39 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
users.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		810 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/users.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

:path
/polopoly_fs/3.191.1615315451!/users.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/users.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
40
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
404
expires
Sat, 19 Jun 2021 13:19:31 GMT
persona.min.js
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		441 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

:path
/polopoly_fs/3.194.1594145527!/persona.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/persona.min.js
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
1
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
280
expires
Sat, 19 Jun 2021 13:19:31 GMT
poll.min.js
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		1 KB
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/poll.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

:path
/polopoly_fs/3.302.1615315537!/poll.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/poll.min.js
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
autosize.min.js
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

:path
/polopoly_fs/3.259.1551461019!/autosize.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/autosize.min.js
last-modified
Fri, 01 Mar 2019 17:23:39 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
video.js
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.js
last-modified
Fri, 01 Mar 2019 17:23:32 GMT
server
nginx/1.12.2
age
1
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20089
expires
Sat, 19 Jun 2021 13:19:31 GMT
tags.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
tags.navigation.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.navigation.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
owl.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/owl.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
40
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7137
expires
Sat, 19 Jun 2021 13:19:31 GMT
social-auth.min.js
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		490 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.min.js
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
fotorama.js
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/fotorama.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

:path
/polopoly_fs/3.203.1615315462!/js/fotorama.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/js/fotorama.js
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
namespace.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		220 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/namespace.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

:path
/polopoly_fs/3.200.1615315459!/namespace.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/namespace.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
SearchElement.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		549 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
3
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
297
expires
Sat, 19 Jun 2021 13:19:31 GMT
personalization.min.js
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		887 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/personalization.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

:path
/polopoly_fs/3.197.1615315455!/personalization.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/personalization.min.js
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
11
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
526
expires
Sat, 19 Jun 2021 13:19:31 GMT
infiniteScroll.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
funcoes.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/funcoes.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/funcoes.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/funcoes.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
43
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2358
expires
Sat, 19 Jun 2021 13:19:31 GMT
plugin.min.js
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		192 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/plugin.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

:path
/polopoly_fs/3.153.1615315412!/plugin.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/plugin.min.js
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
footer-portal.js
barra.r7.com/footer/footer-portal/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/footer/footer-portal/footer-portal.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
65929976a7474811485e91671303abba0e9073934a7712e9426cfc0996bb21f2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:48 GMT
server
AkamaiNetStorage
etag
"03c8813a4f64a6f90678d2a446a049d9:1618419768.260441"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=329379
accept-ranges
bytes
content-length
3659
pubads_impl_2021051801.js
securepubads.g.doubleclick.net/gpt/ 		308 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 08:37:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110938
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:31 GMT
init
webservices.webspectator.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516771877
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-18-4.compute-1.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
370e76f4c0fc60b3be74832230f06e22f3b070c59218aed1dee29472f37465f1

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:49:38 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
2568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
44MBdJLnIgGpU2ZBHS2uY-8dmZL80htaYjmPS-pJkKeTovApKUoKGg==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 27 May 2021 13:19:32 GMT
loader.js
cdn.taboola.com/libtrc/correiodopovo/ 		382 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4922f1f24da0717dd235134de97891c5f25557741655b02f70eb5b5b7b365b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
us5sB2J.Psu3Xu1pGscrCmpqd_XNP4sr
content-encoding
gzip
etag
"aaaa0df6d7f97c9182888af3584fe6da"
age
8151
x-cache
HIT
content-length
32274
x-amz-id-2
T6lJHLmmVhrhdan7wFAZ4auIziUkNZePDm2UpWyb4rIhak3Eyi+FlyBmqSG+au+1a088s2kXUcI=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 11:02:38 GMT
server
AmazonS3
x-timer
S1621516772.116327,VS0,VE1
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
x-amz-request-id
P3RFCSJ6SSR6T2FF
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
1
newsroom.js
c2.taboola.com/nr/correiodopovo/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"6d0a3d0a56a0d3318f9c30ce3d5680fb"
age
0
x-cache
HIT
content-length
16138
x-amz-id-2
H8S4s6u21fATwCp8hV/aKlAiuVJyYItkwdgALBcU3yO1vWnQ3vRrQm6ik4SxWAG0Jgv8ZdNt2+s=
x-served-by
cache-hhn11580-HHN
last-modified
Fri, 04 Sep 2020 23:39:48 GMT
server
AmazonS3
x-timer
S1621516772.134158,VS0,VE200
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
x-amz-request-id
H7ZV76F4E5G9N77S
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
css
fonts.googleapis.com/ 		4 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 13:19:31 GMT
server
ESF
date
Thu, 20 May 2021 13:19:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 13:19:31 GMT
58ee86211d42061afb000002
cms-media-api.r7.com/menu/ 		29 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cms-media-api.r7.com/menu/58ee86211d42061afb000002
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
223388978aaf4afaa72e2a1fb610909140b5e2da8ff02d6db799615d8d0c25db

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
ETag
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=120
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4856
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 09:15:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
533053
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Sat, 14 May 2022 09:15:18 GMT
glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

:path
/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
42
vary
Accept-Encoding
x-cache
HIT
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45109
expires
Sat, 19 Jun 2021 13:19:31 GMT
ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:31 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:31 GMT
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
189676
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
22188
expires
Sat, 19 Jun 2021 13:19:32 GMT
juremir.png
www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209

Request headers

:path
/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
176728
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18528
expires
Sat, 19 Jun 2021 13:19:32 GMT
guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

:path
/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
157332
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15166
expires
Sat, 19 Jun 2021 13:19:32 GMT
conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

:path
/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
141166
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15134
expires
Sat, 19 Jun 2021 13:19:32 GMT
taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

:path
/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
190658
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18710
expires
Sat, 19 Jun 2021 13:19:32 GMT
nando.png
www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2

Request headers

:path
/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
154908
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16348
expires
Sat, 19 Jun 2021 13:19:32 GMT
jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b

Request headers

:path
/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
169649
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21864
expires
Sat, 19 Jun 2021 13:19:32 GMT
bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

:path
/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
176614
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18416
expires
Sat, 19 Jun 2021 13:19:32 GMT
gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

:path
/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
194247
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21096
expires
Sat, 19 Jun 2021 13:19:32 GMT
Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913

Request headers

:path
/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
164232
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17390
expires
Sat, 19 Jun 2021 13:19:32 GMT
alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb

Request headers

:path
/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
172753
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17428
expires
Sat, 19 Jun 2021 13:19:32 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:21 GMT
server
sffe
age
357353
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19240
x-xss-protection
0
expires
Mon, 16 May 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 03:56:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
age
552158
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
expires
Sat, 14 May 2022 03:56:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 2C4E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210517/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 19 May 2021 22:33:52 GMT
expires
Wed, 02 Jun 2021 22:33:52 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
53140
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid.js
v3.denakop.com/ 		193 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7176
cf-polished
origSize=197617
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b877afe0000c290a51e3000000001
last-modified
Wed, 12 May 2021 13:06:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"609bd2bd-303f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
6525db719f40c290-FRA
cf-bgj
minify
correiodopovo.com.br
v3.denakop.com/ad-request/10102/desktop/ 		656 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/ad-request/10102/desktop/correiodopovo.com.br
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9536f1a343804be256fc5fbdf07ae30c27b6024d9cdfe4b16c52f150e439f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
private, max-age=1800
access-control-allow-credentials
true
cf-ray
6525db719f3ec290-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b877afd0000c290de909000000001
profiles.js
d.tailtarget.com/ Frame 63D9 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:26:38 GMT
content-encoding
gzip
age
75174
x-guploader-uploadid
ABg5-UyFCvug5zP9JCNeioffbM51Q1gVEJ2l2_PtDL_MKEmxOCauiBl5FLTKfoTZPuyTFxOxfFbhJEZ42NFvSaYky-I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Mon, 19 Apr 2021 15:43:34 GMT
server
UploadServer
etag
"603f25fd36318626ab410174bd3e1cd3"
x-goog-hash
crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language
en
x-goog-generation
1618847014064238
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 May 2021 16:26:38 GMT
dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

:path
/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
11381
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3930
expires
Sat, 19 Jun 2021 13:19:32 GMT
planocarreira.png
www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359

Request headers

:path
/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
27000
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3708
expires
Sat, 19 Jun 2021 13:19:32 GMT
cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97

Request headers

:path
/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
42068
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4618
expires
Sat, 19 Jun 2021 13:19:32 GMT
dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

:path
/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
8640
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3468
expires
Sat, 19 Jun 2021 13:19:32 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
24799
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3556
expires
Sat, 19 Jun 2021 13:19:32 GMT
cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624

Request headers

:path
/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
28419
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4402
expires
Sat, 19 Jun 2021 13:19:32 GMT
fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd

Request headers

:path
/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
41706
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4336
expires
Sat, 19 Jun 2021 13:19:32 GMT
carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

:path
/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
26579
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4220
expires
Sat, 19 Jun 2021 13:19:32 GMT
correiofeminino.png
www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189

Request headers

:path
/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
40227
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4758
expires
Sat, 19 Jun 2021 13:19:32 GMT
seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

:path
/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
49818
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
8110
expires
Sat, 19 Jun 2021 13:19:32 GMT
logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

:path
/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
34768
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
12048
expires
Sat, 19 Jun 2021 13:19:32 GMT
campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

:path
/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
24813
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4240
expires
Sat, 19 Jun 2021 13:19:32 GMT
bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

:path
/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
33055
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4332
expires
Sat, 19 Jun 2021 13:19:32 GMT
livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

:path
/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
40778
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
5496
expires
Sat, 19 Jun 2021 13:19:32 GMT
/
vacina.saude.rs.gov.br/ Frame D6C4 		3 MB
642 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash
ccd9a6015e8b5f982a3e135cfbf1fee3f53925720dde880567544a11a58a000f

Request headers

:method
GET
:authority
vacina.saude.rs.gov.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Thu, 20 May 2021 13:11:15 GMT
accept-ranges
bytes
etag
"375d3f-5c2c2ad9376e6"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0 ASP.NET
date
Thu, 20 May 2021 13:19:33 GMT
204496277643064
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/204496277643064?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
425986da2e02da8b34033595c0bc8208f07136653cae6b24393ee50bd35b8415
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
TBZjeZ0oh+YR2KALgXL7h07GR1+X5xc24JMr5TYqXYhSA/pbs2v3hyQE8k/zMNb11372TEFxC0N4AJ0pdmkHEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 20 May 2021 13:19:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-HGAVM7nQJ_sep.js
rules.quantcount.com/ 		3 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 00:53:25 GMT
via
1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
age
44768
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:26:00 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
Nl2ko_fUo97c_d0Cjsjybzx0ubIrE_m9ykmuJ1ldg8Iuhz6P08wvfQ==
ricardo-salles_mcamgo_abr_220420211818-9.jpg
www.correiodopovo.com.br/image/policy:1.622312:1621444914/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622312:1621444914/ricardo-salles_mcamgo_abr_220420211818-9.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=8c63775&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
cd62db48fe38b5f3ec0ab5eb8a38167f7fa7d360d9c73ac44439416f6f7b550d

Request headers

:path
/image/policy:1.622312:1621444914/ricardo-salles_mcamgo_abr_220420211818-9.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=8c63775&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
10808
expires
Sat, 19 Jun 2021 13:19:32 GMT
51158600218_783f4a39eb_o.jpg
www.correiodopovo.com.br/image/policy:1.621360:1621295241/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.621360:1621295241/51158600218_783f4a39eb_o.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=e968d53&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b5299a75c461bd083e7b974222999d4df3957c9ed4ec34662a1e8830c0d37d41

Request headers

:path
/image/policy:1.621360:1621295241/51158600218_783f4a39eb_o.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=e968d53&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
11436
expires
Sat, 19 Jun 2021 13:19:32 GMT
ROLLINGSTONESEMPOA160302D.jpg
www.correiodopovo.com.br/image/policy:1.619101:1620926310/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.619101:1620926310/ROLLINGSTONESEMPOA160302D.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=150889b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
9bb352c2fc96520ae890ff0c1d27abe98ee00df999294febf4f194dcc80d9702

Request headers

:path
/image/policy:1.619101:1620926310/ROLLINGSTONESEMPOA160302D.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=150889b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18838
expires
Sat, 19 Jun 2021 13:19:32 GMT
wind-farm-1209335.jpg
www.correiodopovo.com.br/image/policy:1.584689:1615486900/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
8048551008ffd51823ff935cfe8b20691143984aa7bc3b7d2e720af92ee54a98

Request headers

:path
/image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16146
expires
Sat, 19 Jun 2021 13:19:32 GMT
NOITEDOSMUSEUS2019_PUBLICO190518J.jpg
www.correiodopovo.com.br/image/policy:1.532081:1607100841/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac

Request headers

:path
/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14188
expires
Sat, 19 Jun 2021 13:19:32 GMT
CABINEDEVOTACAODOTREPOA.jpg
www.correiodopovo.com.br/image/policy:1.520273:1605302767/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608

Request headers

:path
/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
6594
expires
Sat, 19 Jun 2021 13:19:32 GMT
INCENDIONAAMAZONIA190825.jpg
www.correiodopovo.com.br/image/policy:1.456793:1595967208/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a

Request headers

:path
/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
23524
expires
Sat, 19 Jun 2021 13:19:32 GMT
CONFLITONAALEMANHAEM1920.jpg
www.correiodopovo.com.br/image/policy:1.406675:1584663803/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c

Request headers

:path
/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
29062
expires
Sat, 19 Jun 2021 13:19:32 GMT
gremiocoronaGT13.jpg
www.correiodopovo.com.br/image/policy:1.406650:1584655134/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4

Request headers

:path
/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
9148
expires
Sat, 19 Jun 2021 13:19:32 GMT
WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg
www.correiodopovo.com.br/image/policy:1.401717:1582743154/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4

Request headers

:path
/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14730
expires
Sat, 19 Jun 2021 13:19:32 GMT
000_1P67ML.jpg
www.correiodopovo.com.br/image/policy:1.401058:1582333779/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484

Request headers

:path
/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20584
expires
Sat, 19 Jun 2021 13:19:32 GMT
CONCEICAOEVARISTO.jpg
www.correiodopovo.com.br/image/policy:1.397524:1580848385/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2

Request headers

:path
/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14550
expires
Sat, 19 Jun 2021 13:19:32 GMT
the-dead-line-in-the-raod-1175899-1599x1024.jpg
www.correiodopovo.com.br/image/policy:1.392853:1578957861/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b

Request headers

:path
/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
2438
expires
Sat, 19 Jun 2021 13:19:32 GMT
IAR%202019-79.jpg
www.correiodopovo.com.br/image/policy:1.377823:1572903045/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb

Request headers

:path
/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16342
expires
Sat, 19 Jun 2021 13:19:32 GMT
prebid.js
tagmanager.smartadserver.com/ 		601 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/prebid.js
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
17f51b6b7becd307827ebd7e0184f13419a7df47827d58f758d958534ef32c58

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 13:48:07 GMT
Server
Apache/2.4.25 (Debian)
ETag
"964ff-5c0539461064b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=477
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
192545
Expires
Thu, 20 May 2021 13:27:29 GMT
profiles.js
barra.r7.com/tailtarget/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/tailtarget/profiles.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:29 GMT
server
AkamaiNetStorage
etag
"8004950a941b96d9c812191aaaa6ce00:1618419749.19302"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=380613
accept-ranges
bytes
content-length
5253
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=99869&async=1&visit=s&tmstp=2216440575&tag=sas_99869&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
6844649b3ba012bb5f4ecf36df70fa1ee23a951aae5596823a3992d04295b0fb

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b22%3b124
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10108470
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac236d488ce8c272fc5d08b70cb2f9630aa481e321be283cf1c2a209fd144241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46489
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:32 GMT
329022_2819.js
receiver.posclick.dinamize.com/forms/js/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software
Dinamize-PcReceiver /
Resource Hash
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 13:19:32 GMT
server
Dinamize-PcReceiver
etag
2021-05-19 14:53:24.074365618 -0300 -03 m=+1.147663895
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
content-length
24502
platform.js
apis.google.com/js/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-npTeLLsewkDfl+CT71oJqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"a68431d28598ca094cc7a5b791b0415c"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-npTeLLsewkDfl+CT71oJqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:32 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
143246
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:06 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-82.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
kciudFXHFoTzs0I--0h-6-DiLdrUHxG3Gj_fCeo_GOkqFlP7cPRDEw==

Redirect headers

date
Thu, 20 May 2021 13:19:32 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1621516772253&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
content-length
184
x-amz-cf-id
S7nrEpyZvGot8TwRXv5hYOTMTjpd55the6ietyZ8Y2xR2GWdXRN3xg==
load.js
widget.perfectmarket.com/correiodopovo/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OX_wFyoLLxdy6CvRXTBfoc.VwLgDWCuR
content-encoding
gzip
etag
"958ac9562841470c9f6dee2a6538099e"
age
0
x-cache
MISS, MISS
content-length
1253
x-amz-id-2
iZrv5u+vsXU3vcZ2fDn2nRj4XOEnG4As9vkzdnK3ALu4oTjHf6xfhbSLyTMoVtAiR2BdcBQWPwA=
x-served-by
cache-lax10628-LGB, cache-fra19135-FRA
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1621516772.435288,VS0,VE332
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding,,
x-amz-request-id
7C0SY5QNBQHPGWPH
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
0, 0
impl.20210520-3-RELEASE.js
cdn.taboola.com/libtrc/ 		491 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nRv7kaSu.jFsYmfRc9Y0WguRov_K62vI
content-encoding
br
etag
"199965e0ca4e9a0d105c520257461a50"
age
17403
x-cache
HIT
content-length
114965
x-amz-id-2
AbOYB8sRPlTRzZMWENOpEoX/xSCi6xkTMdwEUzqBoMcLBR7dX50mKf1IkbAClF9MMzuO5jGaYKQ=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 08:28:07 GMT
server
AmazonS3-br
x-timer
S1621516772.346360,VS0,VE0
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
x-amz-request-id
NBBHC5R1DXGFV816
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
15
x-cache-hits
41745
cookie.js
partner.googleadservices.com/gampad/ 		210 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
a0344654400c543fe5276f74fccb78123bd1e4ccc649ece2fff96aa20cbd0d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0B44 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1621516772&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516772018&bpp=5&bdt=518&idt=309&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2101811417430&frm=20&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516772&ga_hid=1177652325&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066434%2C21065724%2C31060840&oid=3&pvsid=1397360267801707&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1621516772&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516772018&bpp=5&bdt=518&idt=309&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2101811417430&frm=20&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516772&ga_hid=1177652325&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066434%2C21065724%2C31060840&oid=3&pvsid=1397360267801707&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=331
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 20 May 2021 13:19:32 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 20-May-2021 13:34:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 13:19:32 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:32 GMT
pixel;r=1994451072;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-1638930444-1621516772359;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1994451072;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-1638930444-1621516772359;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=correiodopovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1621516772359;tzo=-120;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38925d240f4b29b4c9fa9607af4efac53ada2ed1659acdf69262934abb6223a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586029
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83874
x-xss-protection
0
expires
Fri, 13 May 2022 18:32:23 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&rl=&if=false&ts=1621516772416&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1621516772405.396594661&it=1621516772146&coo=false&exp=l1&rqm=GET
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 20 May 2021 13:19:32 GMT
collect
www.google-analytics.com/g/ 		0
78 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=2oe5c1&_p=1177652325&sr=1600x1200&ul=en-us&cid=1256743437.1621516772&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&sid=1621516772&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210520
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dda7802e5d3be02ad2054fc3e8dd05ab2a9318637120997c750ab89f0af5965d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28740
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
931
etag
W/"69b-cH6n5LUWwabKB7JoV+QKkXIieYg"
x-served-by
cache-fra19178-FRA, cache-hhn4073-HHN
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=87063306843
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=22382850900
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
iframe_api
www.youtube.com/ 		980 B
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af0968fb178c7fcb64ce8b722be02a0bd1df0b61aa5329d69660098869ea6e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:32 GMT
profile
d.t.tailtarget.com/ Frame 63D9 		92 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Thu, 20 May 2021 14:19:32 GMT
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=73444166216
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=5362958537
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
postmessageRelay
accounts.google.com/o/oauth2/ Frame 395B 		566 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
552de1ad5c0467eb8ec1a7947ccce51a01d3438d6d86da47549467cb20046d6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y7ecWWdZXHx0xBneDA8JDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=aYXeCvpB83JJrGm5oFvMYKUm846c-yqHT3P81LYCcQrm9_BiRYNe1WPoJ44Xh5DCt63p0SZaj3IeeqvR5wh7wCHM5p8P26U5A05Yq9_urEWuzuxSnG4syZ2D4Te9D__pUNNnymd8uawUQ_wQ9VzIlpjfsJ6fNIEvq2JYf99Yi9Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 13:19:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-Y7ecWWdZXHx0xBneDA8JDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
stories-vertical-ui.20210520-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		585 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210520-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
h2LnXsN1MEUIgc.BGm.TF4zswzpOi_My
content-encoding
gzip
etag
"938a8cab946323c5b078805ed527becd"
age
8259
x-cache
HIT
x-amz-replication-status
PENDING
content-length
316
x-amz-id-2
iuak4YquRPURwu/bAi80s4ZG4K7F+AoiTGi4Gwde5c9ozNbpVCy+9YVnzO81MHGlIho64HopMM8=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 11:01:52 GMT
server
AmazonS3
x-timer
S1621516773.693119,VS0,VE0
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
x-amz-request-id
2DDT45Q2YDQ841XY
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
15
x-cache-hits
46972
get-action
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		132 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=167223364140485368&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4324a6a9a00b6f60ae885d39ce1fc3cbdcfdc81cc2a89e67a12e084d5a98c91d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.45.228.66:8080
date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1621516773.706229,VS0,VE541
x-served-by
cache-hhn11580-HHN
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
www-widgetapi.js
www.youtube.com/s/player/fba90263/www-widgetapi.vflset/ 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24c019d75ebd646300d09cf1961f824ae2cc235afbe807354660f7b88a4822b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
6701
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40852
x-xss-protection
0
expires
Fri, 20 May 2022 11:27:51 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=167223364140485368&page.template=home&page.dashboard=home
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.45.114.254:8080
date
Thu, 20 May 2021 13:19:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1621516773.774738,VS0,VE9
x-served-by
cache-hhn11580-HHN
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=60320866963
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:31 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
afff77b14f4fd39a8df9c4af489f376b4ee451b9183302d7a56d134ac2b505a2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
39aa17e99f5b39e1ef53ff580629f3275869a7151e266afc646d9eaf51c49d79

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e8e6dcb13b124bea507bcde9ea4f2c591f6c7c277e041277cb14619c6d2fd411

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f233796ee55fd25944984755fcaea084557dd93d9e3c4d603c307966cb0f0ff3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Server
ATS/7.1.2.128
Age
1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
906fbc467bc895c76cc9abf45c15cbcd8a995c7d0a13ee0511549a79984bfd74
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:32 GMT
X-Proxy-Origin
37.120.131.196; 37.120.131.196; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid
15388164-9429-4788-bc2b-a4db9ba6cbb1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
16c46281a5757747fdd6ca090df54b1d2b5c8ef9b24332addfbede65d9f371cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:33 GMT
X-Proxy-Origin
37.120.131.196; 37.120.131.196; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
76c82fac-8393-4468-ae96-db0a4be34de7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
capajornal.aspx
portal.correiodopovo.com.br/includes/input/ Frame 8B47 		224 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36215762f0b34afa1fa38acacb43aa2b609bfa3ae29b2d660302930653b40997

Request headers

:method
GET
:authority
portal.correiodopovo.com.br
:scheme
https
:path
/includes/input/capajornal.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_fbp=fb.2.1621516772405.396594661; _ga_B73LS4GNNN=GS1.1.1621516772.1.0.1621516772.0; _ga=GA1.1.1256743437.1621516772; __qca=P0-1638930444-1621516772359; __gads=ID=c75972a526bd2d33-224f268718c800d0:T=1621516772:RT=1621516772:S=ALNI_MYdcQp05Q2mmvCuUZzBkB0H57O0QQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
public, max-age=294
content-type
text/html; charset=utf-8
expires
Thu, 20 May 2021 13:24:27 GMT
last-modified
Thu, 20 May 2021 12:54:27 GMT
vary
*
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Thu, 20 May 2021 13:19:32 GMT
content-length
224
index.php
stg.truvidplayer.com/ 		977 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=3291169207650453
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-97.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
61336b29cb6b82ae8722d1ad8af37e23c0b3983e80642f22c4e07746122ca0a9

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-amz-cf-id
aUln4X-uolO5X3rlZG4GdMyAVF-dcjc9dckR8DWrg69rnZTK6aqSGg==
1
paywall.correiodopovo.com.br/wid/script/ 		376 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/&is_visitor=true&is_freemium=true&is_customer=true
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.20.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-20-194.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
376
Content-Type
text/plain;charset=UTF-8
ac
www5.smartadserver.com/ 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=38077&async=1&visit=s&tmstp=2216440575&tag=sas_38077&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b1%3b116
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31549&async=1&visit=s&tmstp=2216440575&tag=sas_31549&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b27%3b61
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame A0AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by
Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=99869&async=1&visit=s&tmstp=2216440575&tag=sas_99869&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 May 2021 13:19:33 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date
Thu, 20 May 2021 13:19:33 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=99869&async=1&visit=s&tmstp=2216440575&tag=sas_99869&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b5fae5af4f5970094cc33b7f9e835218efb988926e77acc342bf5fb6062f7251

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 10:50:13 GMT
Server
AkamaiNetStorage
ETag
"5b8169d94c5f1fd4282490a69ae925c6:1621507950.742921"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9969
client:platform.js
apis.google.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14b4b96ca6818049f6d6832323f29955d13f0f01413760e8b483b7a5aa1dba39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RqOZvYtRBL6x1n7ay0Kq4Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
P3vg0bd6zwtEjDYn0Os0X4n8SDlCwEbKxoYBMISfUsHb43X6y9A8wQ8Ja01K1lnbWYyRBz0gHrbj3paI0W+1FA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
af3bc38996bc0394d1e1f42d194c4cdc
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 20 May 2021 13:19:32 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"100dcfcfc1d8a67e2f3df5d0c798634c"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 May 2021 13:30:26 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1292
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28779
x-tw-cdn
VZ
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/67F2)
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
p.gif
www.correiodopovo.com.br/logger/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/logger/p.gif?d=/2.200
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

:path
/logger/p.gif?d=/2.200
pragma
no-cache
cookie
_fbp=fb.2.1621516772405.396594661; _ga_B73LS4GNNN=GS1.1.1621516772.1.0.1621516772.0; _ga=GA1.1.1256743437.1621516772; __qca=P0-1638930444-1621516772359; denakop_freq={}; __gads=ID=c75972a526bd2d33-224f268718c800d0:T=1621516772:RT=1621516772:S=ALNI_MYdcQp05Q2mmvCuUZzBkB0H57O0QQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-cacheable
NO:Not-Cacheable
server
nginx/1.12.2
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
image/gif
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57
expires
Sat, 19 Jun 2021 13:19:32 GMT
json
trc.taboola.com/correiodopovo/trc/3/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/trc/3/json?tim=15%3A19%3A32.850&lti=deflated&data=%7B%22id%22%3A105%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1621508545502%2C%22vi%22%3A1621516772848%2C%22cv%22%3A%2220210520-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11007%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2534.96875%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A6326.625%2C%22mw%22%3A336%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bed1f4bad3b984456ba03a05d45cba1da86a34b2e0657b0c855f3478d9fe874

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
333
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
server
nginx
x-timer
S1621516773.876947,VS0,VE333
x-served-by
cache-hhn11580-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
t3m.js
tags.t.tailtarget.com/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6343215ec319675cb28ea91dedd674c1ef83d3fe9ab2cb8c6c0ead70ab810894

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:31:49 GMT
content-encoding
gzip
age
6463
x-guploader-uploadid
ABg5-Uyqxq6ZvS_GwuSqiVbJ_fzzxEVFaZAV5TCCeJJankDa3m430UbSx_1vT4rpOJ5Bdkh1_C6UOtXHx95JY2cXzPeWEobNtA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15516
last-modified
Wed, 05 May 2021 14:08:42 GMT
server
nginx/1.8.1
etag
"271c70c22b5e385a9b05ca52ce2d90e2"
vary
Accept-Encoding
x-goog-hash
crc32c=srZ4Cw==, md5=JxxwwiteOFqbBcpSzi2Q4g==
x-goog-generation
1620223722043093
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
15516
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 May 2021 13:31:49 GMT
5adf2406bbb3eb0c0b000002
snippets.r7.com/snippet/ 		20 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippets.r7.com/snippet/5adf2406bbb3eb0c0b000002?callback=r7JsonpCallbackFooter
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/footer/footer-portal/footer-portal.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6152bfeecad2d29b475f5c67e4e649551203ff8fe5aa99112964bdac59f138f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
!no-store, must-revalidate, max-age=1800
accept-ranges
bytes
content-length
2112
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
143276
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 18 May 2022 21:31:36 GMT
fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

sec-fetch-mode
cors
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_fbp=fb.2.1621516772405.396594661; _ga_B73LS4GNNN=GS1.1.1621516772.1.0.1621516772.0; _ga=GA1.1.1256743437.1621516772; __qca=P0-1638930444-1621516772359; denakop_freq={}; __gads=ID=c75972a526bd2d33-224f268718c800d0:T=1621516772:RT=1621516772:S=ALNI_MYdcQp05Q2mmvCuUZzBkB0H57O0QQ
:path
/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
43
x-cache
HIT
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Sat, 19 Jun 2021 13:19:32 GMT
temperaturatopo
www.correiodopovo.com.br/cmlink/ 		240 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
bce49d1d03ca581a9c1559e1d5595d03ebaa1123cb5d3f96f532279fc1750b51

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_fbp=fb.2.1621516772405.396594661; _ga_B73LS4GNNN=GS1.1.1621516772.1.0.1621516772.0; _ga=GA1.1.1256743437.1621516772; __qca=P0-1638930444-1621516772359; denakop_freq={}; __gads=ID=c75972a526bd2d33-224f268718c800d0:T=1621516772:RT=1621516772:S=ALNI_MYdcQp05Q2mmvCuUZzBkB0H57O0QQ
:path
/cmlink/temperaturatopo
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.correiodopovo.com.br/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/temperaturatopo
x-cacheable
YES
server
nginx/1.12.2
age
46
vary
Accept-Encoding
x-cache
HIT
content-type
text/html;charset=utf-8
v
5
cache-control
max-age=300
accept-ranges
bytes
content-length
162
expires
Thu, 20 May 2021 13:24:32 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		763 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fe2709db54fb3d3dc405af9a6dc0ba3f8b0a9c48bcd65866c971fa908e87965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
498
x-xss-protection
0
expires
Fri, 13 May 2022 18:32:28 GMT
subscribe_embed
www.youtube.com/ Frame 6067 		2 KB
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c706449f1d1d901bcaa4d4b17eeb823f18ff517fd4c4c2fe781bf6e4a9fed16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=WRGhGo4dVKw; VISITOR_INFO1_LIVE=LRSf_7JBJy0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 13:19:33 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+369; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
uozZOzXSBi4
www.youtube.com/embed/ Frame FE17 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c590aca54c4c209cf85c327fbb0588ff79aaf3767f4a5738cd9de9ac5e62d7e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=WRGhGo4dVKw; VISITOR_INFO1_LIVE=LRSf_7JBJy0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 13:19:33 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+463; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b
sb.scorecardresearch.com/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621516773026&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-82.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
e7XnNfBwZu32RIj38DFMSG7l62AsSaVoiRirr57oikEAVDHCimetiQ==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&ns__t=1621516773027&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-82.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
t6L7f-1irrxgOmcGQGaXOsfeGoXpG68Dr7l3mrhPx2k_wuiZB7viqw==
x-cache
Miss from cloudfront
pmk-202003261.4.js
widget.perfectmarket.com/correiodopovo/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/correiodopovo/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kqTxPFH_D9zExzTB0PjSGPERIWhbAJJ0
content-encoding
gzip
etag
"722c612becdf55d8463d1c4ea96bd7ea"
age
2497303
x-cache
HIT, HIT
content-length
30933
x-amz-id-2
OzU4x+gQsj3aRNq7o3SccjN4Dj2rLLMvzJjWbqvTqpiL86VBh4HTPPD+tBIG2nXn6WvKP/lwrT0=
x-served-by
cache-lax10631-LGB, cache-fra19135-FRA
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1621516773.055119,VS0,VE1
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding,,
x-amz-request-id
JFRFR018GQ6120RK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
/
www.facebook.com/tr/ 		0
113 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryxmBJtb3mJieLWryf

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 20 May 2021 13:19:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
.jpeg
www.correiodopovo.com.br/image/policy:1.622804:1621515802/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622804:1621515802/.jpeg?f=3x2&$p$f=c0bd4c2&w=1200&$w=9c05b01
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ff01449b1bea94db745889e4cf6a95aca957ea1d548392c6219826cdd5763352

Request headers

:path
/image/policy:1.622804:1621515802/.jpeg?f=3x2&$p$f=c0bd4c2&w=1200&$w=9c05b01
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
38066
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26440
expires
Sat, 19 Jun 2021 13:19:33 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.622777:1621511636/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622777:1621511636/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
45018ab3be2b4e2e89eda17e73a7ec0a5ec26872ff6ef5cad680919059db39bc

Request headers

:path
/image/policy:1.622777:1621511636/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
35778
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
34044
expires
Sat, 19 Jun 2021 13:19:33 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.622721:1621506169/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622721:1621506169/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
893efdec71c96ce1943ef1aa4aad90b17c69c4605b06363cb67d91161219fa7b

Request headers

:path
/image/policy:1.622721:1621506169/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
24058
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
19416
expires
Sat, 19 Jun 2021 13:19:33 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.622690:1621510038/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622690:1621510038/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
7afd6d7382de0268a425325597decbe50a203c95a3ce5f06624ccd5e00cd7543

Request headers

:path
/image/policy:1.622690:1621510038/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
29212
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26868
expires
Sat, 19 Jun 2021 13:19:33 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.622764:1621510529/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622764:1621510529/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
56730c46a744459aa3e621b4c911bea63cfd419ae0b83ba88517d09ebf97e838

Request headers

:path
/image/policy:1.622764:1621510529/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
31390
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26478
expires
Sat, 19 Jun 2021 13:19:33 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.622741:1621506607/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.622741:1621506607/.jpg?f=3x2&$p$f=3d7bc82&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d48def4cae4a07986d7ba7a0489bbe7c2d4669f2aba3d98c556e353d160d2e37

Request headers

:path
/image/policy:1.622741:1621506607/.jpg?f=3x2&$p$f=3d7bc82&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
16763
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15626
expires
Sat, 19 Jun 2021 13:19:33 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6577
date
Thu, 20 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 20 May 2021 13:29:56 GMT
2038943760-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 395B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 15:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 23:24:11 GMT
server
sffe
age
78586
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4265
x-xss-protection
0
expires
Thu, 19 May 2022 15:29:47 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 395B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcd36419da7937e52754772f60380387c49f3243240a21f41ca6d87346f72a0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yJHYctvVnGP9PAoaR78qhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"9315aed2f49db41de65f19f75330f816"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-yJHYctvVnGP9PAoaR78qhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:33 GMT
11.png
www.correiodopovo.com.br/imagens/icons/93x93/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/imagens/icons/93x93/11.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d

Request headers

:path
/imagens/icons/93x93/11.png
pragma
no-cache
cookie
_fbp=fb.2.1621516773116.1981219292
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
server
Azion IMS
x-original-image-size
2083
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
1762
expires
Sat, 19 Jun 2021 13:19:33 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=85754079163
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=55382&async=1&visit=s&tmstp=2216440575&tag=sas_55382&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
8a4ce8c10cf1326eb424a47723b85a0aa1de2c19df4216e167a0648636b48264

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b1%3b118
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9041896
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=53570506531
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31547&async=1&visit=s&tmstp=2216440575&tag=sas_31547&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
bd2a0b865bd8877704bae5d0802071a7da620a59190a3173ef020779b67d2de5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b1%3b88
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10191367
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=63790940581
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31546&async=1&visit=s&tmstp=2216440575&tag=sas_31546&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
24cfe6aaecec13b113f8d41e60e0c0588e66e16b22e87e89ff0e99d919e72f17

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b17%3b71
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10142324
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:33 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=97466526362
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Thu, 20 May 2021 13:19:32 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=53988&async=1&visit=s&tmstp=2216440575&tag=sas_53988&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
f0bc367042f0949be4b4930174c39c95b78d1aa1b448a0e28eb8097575122beb

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b6%3b122
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122889
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
creatives.sascdn.com/diff/1320/10108470/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10108470/0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Last-Modified
Tue, 06 Apr 2021 15:25:33 GMT
Server
AkamaiNetStorage
ETag
"bf57624907354fbc39809ee1a74865da:1617722733.822942"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21417
Expires
Fri, 20 May 2022 13:19:33 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 31D4 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
573117
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 20 May 2021 13:19:33 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6760)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
3680.js
go.trvdp.com/init/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/3680.js?pid=2617
Requested by
Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=3291169207650453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9800:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:17:54 GMT
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Tue, 27 Oct 2020 11:05:42 GMT
server
AmazonS3
age
8827300
etag
"270eed6f93a6caf3e2976ddfbf017ed6"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
23347
x-amz-cf-id
Kk1Ho6VixiNKl_wKf-88od75f3cernTF2X5CPSlThQUsv2VX8Ek5rQ==
sdk.js
connect.facebook.net/en_US/ 		215 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=69f0e8855987ce7916c1c19774669e41&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b7a012dab4a4d1e5902a407b8eb9169935186368a4bbca4e43bce919adf221f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
hHzn+fw7yWT3t6o9jRHRSg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
64954
x-fb-rlafr
0
x-fb-debug
EcbCIg+p/9o9HUrCP66FnFDThPeZGLykRnyzM620JR7nmE9HqM4kMNJ203rPGNhTU1AwjH+3R2PZ+VMU+EumuQ==
x-fb-trip-id
2050670934
x-fb-content-md5
09f3f6f14bb8d2a291fba7eef4b3b666
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"52a51e188c1eb2fb39c160eb594683d9"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 20 May 2022 11:43:05 GMT
8n0akrsyq_6uxg5pnqyh_file
img.r7.com/images/2017/08/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.r7.com/images/2017/08/08/8n0akrsyq_6uxg5pnqyh_file
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
184.30.20.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b3373d26e094f2aa6c1c6093de6870d8df1c1412389eaee206bd38f3c5ff81d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-digest
28c1724991fa2ce3ead82a1bdae2fe8de11afbc6
x-original-content-length
2183
etag
W/"PSA-aj-a1LSeY01_9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
!no-store, must-revalidate, max-age=31536000
content-disposition
filename="8n0akrsyq_6uxg5pnqyh_file.png"
accept-ranges
bytes
content-length
1804
x-content-type-options
nosniff
expires
Fri, 20 Nov 2020 21:05:18 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding
gzip
etag
"559c107d74fc83d8062b2553a1818b07"
age
2139
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5911
x-amz-id-2
oaWjtoybwXcf/v4WF3utsrEWOVBLZIrki4l6iAzPN8PIUxUS/oRUXtX5vCXEBwWMVIZpQj6Qwv0=
x-served-by
cache-fra19179-FRA
last-modified
Mon, 03 May 2021 12:43:43 GMT
server
AmazonS3
x-timer
S1621516773.324665,VS0,VE0
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
7QP61W5ZQ629Q8FB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
15
x-cache-hits
11009
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
992 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
23428
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
UmOOaCltTJva9V4gBfdf27Oy7jykaqbYXsCDo0A/soIFodQTYZAaWWoYstK76SsHg3hRgjqb/Fo=
x-served-by
cache-fra19179-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1621516773.324478,VS0,VE0
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
CR41745BE06MC588
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
15
x-cache-hits
177713
tfa-eid.20210520-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210520-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a74171254ab21da9204f07a8a8db491930cd68dda782bcb63cda652d0d51be

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OzMc1SmFhdY4.7hm0FSiM2fn73h7J0h5
content-encoding
gzip
etag
"b032d92bf00d3226560ba840469d5361"
age
8263
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4866
x-amz-id-2
9FPZoV/wSwYqNn40fLQpuB7uEQFUXec/w/I62VNTj7tPP08RomX8jOrIS4zKACaL/NALE84x+BE=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 11:01:48 GMT
server
AmazonS3
x-timer
S1621516773.326535,VS0,VE0
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
GBC5J2GCWZMX1MXX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
15
x-cache-hits
36483
sha256.20210520-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210520-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
905da32b08c8d9c19cfebee75485321140cc70fda679def3978e3453747adf04

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AdHycweaudCz.nO6XjOGDT28AlEoyYQE
content-encoding
gzip
etag
"eaf18145b52f845fda67246e8102fbc5"
age
8253
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
3pjyUVjLyEOJhkksC/hh3DV1WXAm8fedRyDT0BvxPeSer7go3zLi1ww00tPej+VGzpcUIEgeD/E=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 11:01:59 GMT
server
AmazonS3
x-timer
S1621516773.351790,VS0,VE0
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
5DAKF5S6NY4DP13V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
15
x-cache-hits
34570
userx.20210520-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210520-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ae6763914a4246a02a4714f279e826675c8fbab8d644e93c3fe9de0da330d11

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1L83uCdnysNTi0j6jfbfmoBL9YoWuSUm
content-encoding
gzip
etag
"fd6998ff90b9ebd39572e0d78f4b2147"
age
8269
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7954
x-amz-id-2
B+Jif/mDIH21kE93a/WxK68VQCg99O+jn2ZRlLHANP5kwumTLwdMZL0m9pjMZjc5KW2EX0TTHvs=
x-served-by
cache-fra19179-FRA
last-modified
Thu, 20 May 2021 11:01:43 GMT
server
AmazonS3
x-timer
S1621516773.360272,VS0,VE0
date
Thu, 20 May 2021 13:19:33 GMT
vary
Accept-Encoding
x-amz-request-id
3Z3TDM5H0J7VAQP5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
15
x-cache-hits
11167
api.gif
v3.denakop.com/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516773357&cb=0.18630212909007615
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b877fef000016eae29a2000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db797e4416ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.dk/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1397360267801707&correlator=3026652108240593&output=ldjh&impl=fifs&eid=31060033%2C31060790%2C31061041%2C31061259%2C21065724%2C31060840&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210520&iu_parts=21715141650%2Cdesktop_scroll%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D3%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F&cookie_enabled=1&bc=31&abxe=1&lmt=1621516773&dt=1621516773387&dlt=1621516771500&idt=739&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315%2C315&adys=2037%2C4163%2C6756%2C0&adks=2724556673%2C2508406636%2C1912914939%2C1743014972&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x-1%7C1600x-1%7C970x-1&msz=1600x-1%7C1600x-1%7C1600x-1%7C970x-1&ga_vid=1256743437.1621516772&ga_sid=1621516772&ga_hid=1177652325&ga_fc=false&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
1cd03b6e08d2fe23841083e3f99fa8b72d931e70567789831131df06234c5957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19499
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api.gif
v3.denakop.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516773396&cb=0.5770979882937233
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878013000016eafc009000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db79beab16ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516773396&cb=0.9824247135801609
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878013000016ea38a50000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db79beac16ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516773397&cb=0.5483722558105193
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878014000016eaff1d1000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db79bead16ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 395B 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ed7961b640cad3efd4a453277533d8f8c87368d0b46fde38fd5d8d7d9a7dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586244
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18016
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:49 GMT
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=43190&async=1&visit=s&tmstp=2216440575&tag=sas_43190&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
7dca19845fb8fa47d28ddfcda2b6ee88166065fe5418d93c2491765db61cc6b3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b7%3b114
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122920
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=59524&async=1&visit=s&tmstp=2216440575&tag=sas_59524&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e0f51425326244714ce3cad94c4ee1c40c669860d10b15a734bbd5ec6af88536

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b5%3b78
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122923
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=68987&async=1&visit=s&tmstp=2216440575&tag=sas_68987&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
738be620a1014ae4177469369cec8187151014303746bcd7f32522926b82d776

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:32 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b26%3b57
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122927
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 6067 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 12:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
age
521558
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
expires
Sat, 14 May 2022 12:26:55 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 6067 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
68140
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
expires
Thu, 19 May 2022 18:23:53 GMT
ac
www5.smartadserver.com/ 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=75721&async=1&visit=s&tmstp=2216440575&tag=sas_75721&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b2%3b114
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
social
trc-events.taboola.com/correiodopovo/log/3/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&tvi2=84&lti=deflated&ri=c32e0e4d5b6c67785d53b3c70c18ae4a&sd=v2_2d5ae490bf2a5eb7e63aa2c1392bfabd_101f2a7a-3cf6-47b0-bd48-310b1e38a8f4-tuct79fe764_1621516772_1621516772_CIi3jgYQzeNHGPDLuc-YLyABKAEwOjj5twhAn4oQSLyD2QNQv9kMWABgAGixr-m1yv33zq0B&ui=101f2a7a-3cf6-47b0-bd48-310b1e38a8f4-tuct79fe764&pi=/&wi=-5703500169402860967&pt=home&vi=1621516772848&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A19%3A33.440&id=2157&llvl=1&cv=20210520-3-RELEASE&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
server
nginx
x-fastly-to-nlb-rtt
13901
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.134:10213
e3822e74fae78a27fb19ffd0b416a080.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3822e74fae78a27fb19ffd0b416a080.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
902fd0729bfc758cd0497c1e3d8f4ee08ce57daa4c550d90a9a69a0686c6412f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 varnish, 1.1 varnish
age
1154607
edge-cache-tag
386702319668146069564797337986263358463,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3822e74fae78a27fb19ffd0b416a080.jpg
content-length
9424
x-request-id
cfe9d10a81320cf0c328e4b9f5f951d4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 06 May 2021 14:31:43 GMT
server
nginx
x-timer
S1621516774.566400,VS0,VE1
etag
"bbf3bd368acbc60eb8ff8134b612da00"
x-served-by
cache-wdc5564-WDC, cache-dca12921-DCA, cache-hhn11580-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ea7a5cf34e2d3962b8bed59055411f4fe67aa93f24317f31620d48898145dd8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 varnish, 1.1 varnish
age
2439836
edge-cache-tag
322089413535885002890087190934422546620,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
15616
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 12 Apr 2021 15:28:46 GMT
server
nginx
x-timer
S1621516774.616036,VS0,VE0
etag
"c2d50a453d4853c520519686934829ab"
x-served-by
cache-wdc5540-WDC, cache-dca12929-DCA, cache-hhn11580-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
1f7e0ee38ac5e7f75f28f4edbf3452c9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f7e0ee38ac5e7f75f28f4edbf3452c9.jpeg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d9ab80d054d2e605b9041ee3ecfdfd69a53efe23a4cb3a52de658fd3c47b43a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 varnish, 1.1 varnish
age
2053146
edge-cache-tag
522371784233386667397516713562002035343,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f7e0ee38ac5e7f75f28f4edbf3452c9.jpeg
content-length
36944
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 06 Apr 2021 08:08:47 GMT
server
nginx
x-timer
S1621516774.669814,VS0,VE1
etag
"c709207c279eeba31d855e3b8b502ae5"
x-served-by
cache-wdc5537-WDC, cache-dca17749-DCA, cache-hhn11580-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
e275d41ede11137b466458a1d068e82a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e275d41ede11137b466458a1d068e82a.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d40f2b4afef1f4eed946a3d960a6c88e0ec4f8bb03d7e45c24ab063488425a46

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 20 May 2021 13:19:33 GMT
via
1.1 varnish, 1.1 varnish
age
3037158
edge-cache-tag
545838514662658732393906782959908545131,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 02 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e275d41ede11137b466458a1d068e82a.jpg
content-length
5686
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 01 Apr 2021 23:13:23 GMT
server
nginx
x-timer
S1621516774.687042,VS0,VE3
etag
"8e530f283b64e6a06b99535955c7b37c"
x-served-by
cache-wdc5534-WDC, cache-dca17720-DCA, cache-hhn11580-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
www-player-webp.css
www.youtube.com/s/player/fba90263/ Frame FE17 		359 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123881
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46235
x-xss-protection
0
expires
Thu, 19 May 2022 02:54:52 GMT
www-embed-player.js
www.youtube.com/s/player/fba90263/www-embed-player.vflset/ Frame FE17 		191 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123881
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64431
x-xss-protection
0
expires
Thu, 19 May 2022 02:54:52 GMT
base.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame FE17 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123830
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476171
x-xss-protection
0
expires
Thu, 19 May 2022 02:55:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/ Frame FE17 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:54:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123886
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8543
x-xss-protection
0
expires
Thu, 19 May 2022 02:54:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FE17 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
455129
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 15 May 2022 06:54:04 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1177652325&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1359913301&gjid=1608551986&cid=1256743437.1621516772&tid=UA-4083550-1&_gid=465375410.1621516773&_r=1&gtm=2wg5c1MFKL3B&did=i5iSjo&z=1069026755
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 6067 		156 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:57:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
375706
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Mon, 16 May 2022 04:57:47 GMT
16214781565951_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/15322/up/ Frame 8B47 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digital2.correiodopovo.com.br/files/flip/CPOVO/15322/up/16214781565951_normal.jpg
Requested by
Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-160-141.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
999e9d04a207ec40f3fc8ef2c55e5e0076f4733a20681dd180096825da1c6367

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Thu, 20 May 2021 13:19:33 GMT
Last-Modified
Thu, 20 May 2021 02:53:51 GMT
Server
Apache-Coyote/1.1
ETag
16214781565951_normal.jpg_180329_1621479231000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public; max-age=31536000
Content-Disposition
inline; filename=16214781565951_normal.jpg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
180329
Expires
Sun, 06 Jun 2021 14:00:02 GMT
js
www.googletagmanager.com/gtag/ 		118 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW
Requested by
Host: paywall.correiodopovo.com.br
URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/&is_visitor=true&is_freemium=true&is_customer=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e52e9748877c5d37dda20d44b5990b8d6d961b9be111e8d3531eabda37185ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46489
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:33 GMT
js
www.googletagmanager.com/gtag/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4f2ee4e6cab3237e279603d00e40eb3c565c199a20aeffba0e9a34e83033395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46489
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:33 GMT
rm_16003_aede0edf-0394-4ec6-b345-fef31694d5cb.gif
creatives.sascdn.com/diff/1320/10191367/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10191367/rm_16003_aede0edf-0394-4ec6-b345-fef31694d5cb.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
49ce699bc2f71d32d49cdcfcdc1e115436b3eb12dd672249d0777cc17deceea3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Last-Modified
Wed, 19 May 2021 15:05:25 GMT
Server
AkamaiNetStorage
ETag
"58ad36a0188bf0ce25436a4e4779f3d4:1621436725.797794"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38161
Expires
Fri, 20 May 2022 13:19:33 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F383 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32609
x-xss-protection
0
server
cafe
etag
1087242138440545812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:33 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4083550-1&cid=1256743437.1621516772&jid=1359913301&gjid=1608551986&_gid=465375410.1621516773&_u=YAhAAEAAAAAAAC~&z=2118814688
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 20 May 2021 13:19:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=69f0e8855987ce7916c1c19774669e41&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
GdrMlLGftKRSWoSUDn7yivZoZErO1TLorB9kZsXFdWOo6b7zttcPusceqrs+40Dykx5+JdbyQsdj5ZGrtT/ezw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 May 2021 13:19:33 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 6067 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586245
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41440
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:48 GMT
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4083550-1&cid=1256743437.1621516772&jid=1359913301&_u=YAhAAEAAAAAAAC~&z=345680746
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4083550-1&cid=1256743437.1621516772&jid=1359913301&_u=YAhAAEAAAAAAAC~&z=345680746
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CR-0002-21_-_Aumento_Margem_Consignado_300x250_(1)_fb540eb3-1f82-4950-9119-a96b9fd4171e.jpg
creatives.sascdn.com/diff/1320/10142324/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10142324/CR-0002-21_-_Aumento_Margem_Consignado_300x250_(1)_fb540eb3-1f82-4950-9119-a96b9fd4171e.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
35b49913cbbf24416c04b5a74bf0ff74b7c976c964e2304f30d579ffd70f1171

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Last-Modified
Fri, 07 May 2021 19:54:34 GMT
Server
AkamaiNetStorage
ETag
"736079f186dcf86f97ea5db268532e55:1620417274.260396"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69464
Expires
Fri, 20 May 2022 13:19:33 GMT
all.min.css
vacina.saude.rs.gov.br/vendor/fontawesome-free/css/ Frame D6C4 		55 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"dcc5-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14961
css
fonts.googleapis.com/ Frame D6C4 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:22:19 GMT
server
ESF
date
Thu, 20 May 2021 13:19:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 13:19:33 GMT
sb-admin-2.css
vacina.saude.rs.gov.br/css/ Frame D6C4 		200 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/sb-admin-2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
595b403da260ce0bca3c5c65929755b33f32e3cfc402863713273dbf4782b9a1

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 13:28:27 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"31f5d-5c0a3c55e5818"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
42872
dataTables.bootstrap4.min.css
vacina.saude.rs.gov.br/vendor/datatables/ Frame D6C4 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1466-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1284
style2.css
vacina.saude.rs.gov.br/css/ Frame D6C4 		1 KB
815 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/style2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 12:02:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"549-5c001a181d90e"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
726
js
www.googletagmanager.com/gtag/ Frame D6C4 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-61N8QP7DNJ
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
634cd65be298df0c37ecc08654b1335f8a36558a6174996d78870268d1a67fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46489
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame F383 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:33 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 475A 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32609
x-xss-protection
0
server
cafe
etag
1087242138440545812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:33 GMT
p.php
stg.truvidplayer.com/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=6445.125077924255&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&isab=0
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-97.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
5ea49dce4ed7b5d04a4ed0f5cf264062e31c4a2e6959e29e59a3084728010087

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
x-amz-cf-id
ibrL9bAcOjFt46zIt1jzoLbAyiGU7-_1ep5c1sGPQtz-rhMvUsx1hg==
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
id
googleads.g.doubleclick.net/pagead/ Frame FE17
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c71ae879b1a05ea9dd1ab5091b5ffc554087c41e1718d05f203f9b71321c5641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 13:19:33 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame FE17 		29 B
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:18:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
53
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 20 May 2021 13:33:40 GMT
usync.js
eus.rubiconproject.com/ Frame A0AA 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d83af555220c88b18850ee3fbf69a98d6075c6222996861065acc2d619c492d

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 17:03:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20954
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9264
Expires
Thu, 20 May 2021 19:08:47 GMT
remote.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame FE17 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123829
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30864
x-xss-protection
0
expires
Thu, 19 May 2022 02:55:44 GMT
AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js
www.google.com/js/th/ Frame FE17 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0141af952b84b4739c59140b52dd7786e24cd2f5bfe642f55f29423bbe38a011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 22:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
141225
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13218
x-xss-protection
0
expires
Wed, 18 May 2022 22:05:48 GMT
embed.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame FE17 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:56:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
123807
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25226
x-xss-protection
0
expires
Thu, 19 May 2022 02:56:06 GMT
truncated
/ Frame FE17 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FE17 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:34:52 GMT
x-content-type-options
nosniff
age
2681
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2270
x-xss-protection
0
server
fife
etag
"v9f7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 14 May 2021 10:18:32 GMT
sddefault.jpg
i.ytimg.com/vi/uozZOzXSBi4/ Frame FE17 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/uozZOzXSBi4/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43ddc3b38bd724d5ee9b39f5f972b778343408f9afd7725def7cabe0d46fee66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:15:41 GMT
x-content-type-options
nosniff
server
sffe
age
232
etag
"1621462926"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59049
x-xss-protection
0
expires
Thu, 20 May 2021 13:20:41 GMT
settings
syndication.twitter.com/ Frame 31D4 		256 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=1390727914e1504dbffd2f28d3e68b820e3eda10
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:33 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 13:19:34 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
98b7f5d49c3a9e515e268e449b1c324d72b0e06545c9e3627c17e100e3b86742
content-length
176
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 475A 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
container.html
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DD0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 20 May 2021 13:19:33 GMT
expires
Fri, 20 May 2022 13:19:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D4B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 20 May 2021 13:19:33 GMT
expires
Fri, 20 May 2022 13:19:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 999D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 20 May 2021 13:19:33 GMT
expires
Fri, 20 May 2022 13:19:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BD7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 20 May 2021 13:19:33 GMT
expires
Fri, 20 May 2022 13:19:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
iframe
accounts.google.com/o/oauth2/ Frame E288 		513 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69ad0dce761d33049d410d61d1717f194672f08fe532bf88ab2f62866db19f09
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+YDH6CtkKqbLsoy8ClmHnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=S2Q7BXfuBiTyHk_dPkF0xXAxyJh2xUFjh7JOsvK08jzcYAETu02OOGfNzxdk-fA-lPjH-fqWtFvKbGoe8nZnMAV3z4Ns7j9yq-rBYXum2r5PYo8AlCQZSMPGm27cb6SkAlGD4-2Ajs5mC2YFJVM_JIBHb2SU8Zzvbbt2gKsc8KM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 13:19:34 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-+YDH6CtkKqbLsoy8ClmHnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ins.js
s.trvdp.com/scripts/v5.647/ 		432 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.647/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2a00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf487f0a51b3f46d2b7dc753ce7141f2cecf3e50e0df3bdf0b23fc24e7e8e17e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 09:14:36 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 08:38:42 GMT
server
AmazonS3
age
619499
etag
W/"058a5846135b56cbf0b381935acdfe32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4H-C_fMczm3pPYwHCmgjXQeOqucPjSlRW_Ffata36uWCJoETrwa7AQ==
cookie.js
partner.googleadservices.com/gampad/ Frame F383 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F383 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F383 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A65E 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1621c49c695a43466f2c965969d87f5307967a62eda30228a1e4f923fb2b70e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 13:19:34 GMT
server
cafe
content-length
6863
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame F383 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A356 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32609
x-xss-protection
0
server
cafe
etag
1087242138440545812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0E66 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32609
x-xss-protection
0
server
cafe
etag
1087242138440545812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame A0AA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VH600BGGZW&gtm=2oe5c1&_p=1177652325&sr=1600x1200&ul=en-us&cid=1256743437.1621516772&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&sid=1621516773&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5292 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32609
x-xss-protection
0
server
cafe
etag
1087242138440545812
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame A356 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 0E66 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DF07 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 13:19:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6DD0 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bnfk1jXnb-Do5Y5n1VppYzUTDel8926HZOLFY7EyVi7yEU_gCCTySvbRez4qnq42-EHjN5G-2Fvn98QBq-uq19bnxOwdrrOm9wydB9_m6w0cm01SMxT9zzs3dm79dn8AO8VgkxxjXtO-lPAOfdMl95WNm-lw&dbm_d=AKAmf-DFdPJm2Tw8DLD5K7Vuxae7CCLdvfr6Fi4lFHpsKHO4B_2f42lcaWB-lLUpcyeCUGNAoeJNUyPmIyzQzuLxo95HNy9voYk8TV3MsUgwFIrx3-XBkGCPmw3Zu3LU-INKmlK16qGpVld21vtjxj0OgCkMC3QV5pLZU8Tfyy9TELswDE4vKO3_Bd4ZABqJJtuD_5cBnQrM0FaOox6fFT4e3gOQg73jSl7xnOagyj3y40CxvFg8ShMS90sUUhR6h7NFAp0IKseRtZJX6R3TI6H_9I2xrljBnqF4mjey87FxeIIvnGcsH0xRIQNMcpgAF0AGzWeXglwJbKHR6yFVER-iFbFTw-n2vqVOfYHvodMj8glK0Bwp4_qI4Q2FtKrKMMErl_MXUOLraZyZ4EEXVyNPZxEQ6Dr3RHk7RiPlKBc24rKM02HPdgdwg1Vw2_BE74yElMYgNAUh10yGTx4SQppAhoCtAgIaVbp9d97-Yt3T1luZt1kTq3rBihIvAUSok4-5vKv__rkrR9du2_SH6YfuDXQgkiIXXHv3zfdYdnPmkjaM9qy3CfIjASYsAogEROcQ4TX5NGtezJPNPXDtz-bGXKgnredKGXmFlKVqVSs4p4d78gqbvGSRPyAOhy4D0f6-ADy73QmkZRUw1Gjagmz3hnC0VvUPIJuanyUnekp8tCtC20j7Db2Ael4CFKqAlGTBL5uLMxJzhQ3gP5rOmaFhiWGOZ4vz98-y61fEfPYjjkR5U5MAzgXC4yHrIQ40aTZCvcCqHYAm_OnXQRS_z7tUTmMvQsdCkkyr527ofQpiWFOq78d2VWyUowhYHO--v-t7aKKonC07lOx8jEJ2vf2Pk6_2lM9yzHeWETS_iifa_vpKSEBFDhzGeeO5hVnQcbgUK0CdIECXgmbL9YVzIXgsuYZFaXNPfwPxemgtQlyMecw8hGgQWqctSH9-R6wN0gBpa5b2atx7pRsUdkFEGc7OV-NZNMHNqaGgjBPL2bBr4hX956nP2eLSrbmf86opiWFfVbzs_stp8B1vDqm8kMVjmTHiNA8idBsRZyLwvfPtlECGgX7MwhIwGZcZgardc6ArSeUNjdCSQfw6NxFsw1w-_Fp7OfiBhRsuArMIa7-dFyho_F0o-WVecNwIPT_v4seZY1Q3BEQaAwQeQ_hr13Y-Q2RFAKFliayHUnvG60W1M1f7-iVWPfs0ejuC21G1-8w_dcfvHnUNVNl_2HuNK2TMADx6ys8L6ZrP99IZqErMfKPslA5PyNdmVNe7oSes_2VSoTifTy8a6BTRxIBexmHLl2AGKVongVjQnLCWzMpys_ZlK5WPxmq-V8RXapzMxmj2NPu3I21Wxw0m3HWKwx6ZBphw0HnEh9Ya2qfbXYW65pRRiz-KIFm8ELRXOw9idreUajBUN0iWzK84Udp7JH0aZVmg9MjTvnAN1cxOj9ENt9PojD9xxWaNtBdrT7t-lgh2LxzK081HE77f3k7hIg102VWezL5S4LvC-xEzGCeD3yND5ZzTin2KbezU79o_fE2HTdGc2uBEXY5ovFi2_8vxxxd_MvInHTzo9s8RuUF0azZvyq9bVQpAjf0iJQjbjJDMSPk4OktGn2dvUW2wmLQklDjTK_5CarLZVmOhRHov477bPCaTJpxFKkxpWFIjVmi1DGnZq-CCba_6tmWgsfX2KWxsdjm6GX3MOGpbGu45DlWsiqn5cDJpv2xcbtDH29N3R-BmCQYbrhIPrF-I9wMM0bI_kwuX6jhpU2QnU6sh9Cwaz1MzTQmXYP8i5GOVhoAmkdLW6nGS_awUqfwmBj4txVjvvDvUfulPBJ548RVDTxilGP9_cbEWaFMQ0475Sf5kBc_Ob5SeB8a9qG5IsQ9pW78-jgBOkop0dUU5EtUq-XxsnlCbJT-Qd6s74y67Ur88dXD5FKL-K1AeEMCgZE9osSNG2lMqqeSXOv0TRJT6LUWOBC0MS0jKkk4Y9zDyMtpiH5X5XAhW4ycvWqZ6amrs6CLCw_1_0w3YMZDTTC-vL80I_QCLP4rBhuPfuryoR70tvJuNdQDfxHbSoMCENFG1FlA-sBKVlNaaARDrfV_9LpEjeDVAT263aXBjwWnCrvPOtoiusiapOESfV1-sQ1t1IJE0RTAJWLaE98vNrR5PmwfHMV-IOJH0kNZ-mT_wPuJzp-I0B883Uj5nZMG6klWtxPshYDz0IK-0Yl8bN1PWAx6MSlKnWYGYaons3I-8GJTF8N_pzwFpRnHNjFjkDuS2WLSgDrcIoo2_HgEOE4tpxzvTlD5-ZLrxCYGTQRpKVAX3nX5TNCtyTbImU2EgbbitfmfCOqJIrjUMMfRszRSSpb9MZzdsRlbhGC2gT7-80tx_clLIpvD2eyBlq3IkoBEXqdasNkj0CEjomLG6yUNAScoPIm4656zs0GWeF4EIMFA-bp4uBOkWJmjfPPT-xL3jQ5MtGlQxzUq0egBzRE-2RCjKS-qN0Oke6dQ_cnN_vyXXke2Klv-8EGND5LbctWb8B-fW-KNsQdgd39PPvk2rSfmo1v_ofzCTXHAobmkaiW1LqUfSN4pGLc4_5XPhT9sYjgrsHn3Gph-2GSREKfv5TnIxb7NVVY4eHw8Hxts_kVnMZgqExaOHHt14W65RyuAvWTVsAmfs9c4SCxBSeJklCYYz3BeQ9UKn2vmqsCMSrwG_R-pb2m9B8FLlZb-UW3xkMlE5HiMI5XE1GKCopHbvmFL91WXqQiu8W4A-PJ-zGl48hxsSDdhBCK_8waENNT1bYntmXsuIH01tLG3iDwjEgqay6YampA2auiS7-YAJzz9-60LUHgHuGlwLsY9UmI1r3WW2N0sKpApPMMPXK6KXdOhKNKOdLyn4jhnVuPeFCAUhLKkiNha9mpiLitFKCffQz-GR4rsMouiuUTJ8MAaE6gn4YE6zUNg0_Ak2D_Mt_qQtrUiwsbDj59t1Ihs8nOKoLDkpakL_M7_9NQZPHr8Lgdh0CsAJp7uB8u58CfS3FgBg_qCiiQy9MnCIkWRpqayGNMYJPVQ1EHyeUKXy5OKp7Qke4DkBVjhPOxiN0gKXjEeU_DI2UpGtyRc52aZLqI2aCwNUZHGWVXNfCPOCig32MitBnT23_y_bpHgp5DZB_SDCl1p74RA8_3jT2LcwA-5ORWJp_1JaRHr3zTz8s5tX3EOl6ytxdCQ&cid=CAASPeRo9Wed5ufrqJqHwFiGkfQP-VfHtBnTb5MnwtRdVcWCpTxVy60Fb9ymG-HlcMSy-GqwI3v3Bu4qK1okUhk&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14a52656d0960c81a878231728f482aa83820d6cfd22c41430ce477f9ab6c3a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DD0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0K27igXIodmlbFQF-bmdEsZZSqeqAtDEl0VbRpSKQgR2L9mBIcXk1bVkztJcJ867ulRNZA844ia_3KMZzRxEWiFKUZ9tHkn3KOc7MtX7npeeT_T8
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6DD0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DD0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6DD0 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
l
www.google.com/ads/measurement/ Frame 6DD0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjLKhHR8F-NBIdhjX9vpnkAeDnucYYFpLN9UtXv3k_stRBd-JwZIrVUoSf2mUAXyaqM0ah
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame BE84 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 13:19:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5BD7 		43 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7NydyyZ8TY1WoZR2xOwTbH62paKlEOSBNW5gZC5GDnFvUr9eDIwoWbPT5TnwPlAiq8IzQp0rF3MSFerfrwi7O8LQ6dmlukbWgLwPREkfHjixgsUOzg_xIGdlfOOUty1v3c64e9DjyKneTRuZ57z9gI_yx3w&dbm_d=AKAmf-BG75Lozn3Otyi6RrLxIsBZwRGK0ZBhClOc0LzJqWD9-Y8rWFuS03G9eoCUSPk9WdLfK1DUIvto8Za5t_fPPQ3hqXQIIpbCS0smDUAKj0CuxMT3IpIiPftCnzm3lNqybF34Ha_uzBsIBAeyriC0wy533obNJPcmNcLX_WCKhyvwfJwi9IgVm8Y1_4bDWAQaMMR9Jgue6t3V1RjGsKRhdPZQPpOx11wCOk-ZdrUEwrn9lnu94iJiuyvRm8dXYWWT0vQSlUvf_n0QrcjSpU8VezlLomLehHy0L3KHAqAdofLBGi04D5I5DxFRhdeLXk2U-E96J45xMyMN1hB1rHaq4r0TekIHvAoKs9yfiQKIcyJ12RzoEeVwGWDGqmaBQz5cZKOeyXfYSfjUCOu_2DLZpTbRv4cMBMKk2b1pyRDeFcVgV-3_NYRpH0VAw2VsFJEsqi8FD-wyL5j2fkbMTiCoGH6J7pT_1fhQ65ICKgVcimPhrsy0aBYi23FAqCISO77YsekZPxolq0Z1OZmgyVEmRMIpGsS5ociZ7B1v1Jmv78fYydECg29GimWSCkEJS-hAGZOks0ZY5fPljs4V2ebTwRZpF-k5h9pRVGCPi74oEwfgoaKy6YrcglflzybcY5zdI_zl9uy3y0Aseyue4u7zueEN3p4gPdNEDGUWFt8Q5sxie70osgcTf_YZyYXx4Klrhgk7cap3EAPlf3a6CCEzqKD64G9jy9okmHcQsurtcK0FmW5QDZf-lhsoYH1x5pT2G-4Q1zvNubZFHU6GeOYEetWi_Wc0ShR_i_XeTfb3Y1o_T7SzziqoGQlm_A9T8sQp9njjzqiaRietJYu2sdVVLnp_FSDLZID9pb8O4hjYYaiEADR35u8mojDt1fJakMPtAD1GcmCf24sL4ey5RziFjI0vg3g1BfARqtNtRI5D4ExiNV55_ayl1DFMTf2OhTP4F3elY_p4vlEpoiCAKBUlEurrV3ONVqFqYJ2fbiXHwFHBNhmAfJbbjG8U1UiuItzggViqsgyGvOMddm6VSbVSP8qeaKT29NSEMovA-3JfW9ZN3VTGHjy_UCOB81UC4dOPZbE4ysjRIdTYpYWDtkUpZm0TW8_q_fd5ncQB187HJv76q61IKMBk5sZHxUGb3dvagQmgJh1OpoAAG-HFsttigD2ygeGZtztlKAz-Fcq5srWh_ClJDmICeMKx06mDWTq4lcP0x5ob2pG3HQxP2DfXEWFofhNPU5CCY_HykxJl-w3kAlvPFuyFiioZVajur-p49Da_v5_XWcdYZ0yb5Wc2awrAZT5vVwmX5A9bp2WwoJkPNsNzdV0VOchJes5zNIvctYmKajxOMzdG3ujALZrDAW6Vm4lSS2q7vtrIdZip92lyg0z8Svd8j23W3NHFLYwWRKPUugBP2qX7jm6Gr0AOh0QQqkJIdLSuf0pWDyJ7FHjnKjiHxYJqZTcRN6IeUmWfGqts5WwtCTyjGRB6rrq-UnYFEYa0RzZrWsqeXO0ce_c_ngOBkmYhSHOKaJnKnNTvgyLlsHj7wkpeAupQBg8qa9q4mC6KhfF4rLzeizL364JkAtbTDEXWmlWB6BcGF1ru1LlZSMRKZyriaCx3f0IurXC_FpGamoAKgJKKZLgFk6d_If_PUAd6buZN_tE7LqIK5dgP2qinBrs1o-tKTGyXzEFvhEvNnCo5k7QTzdhSdiIUSWpmmil6cvr4GCraTA0W_d-VsK-ujp8ArIsl7_zjx_GFnnKFYklw97SWirX-lZgO15vlG56h0ayJvbk_n9xpTz-kXBAX0VSQ2bUFjtvTTFSVanwwMMoIrtwuPCNeHgbEBoaLmDEGWQ_BMvytNE1edBx1ao56QTB_5iaiTYyyCcPI1Nz_jRQyZ12Pb8OeCl9FWrGq6HaHb5v06v7DDOCE-vfEMcH48-YJt0IIO19j6cCBetnu0Bp0xv018EOgJojcUTgfTxGXcqtsMWgkgwhTW1nv2g_tz7TqE6q8B4TuwPE6AXKLFoAPXHKegwKucyUCXUvLzBrY_4lX8r7L-XVBX48tfF8aNaVlKrUBNLQpyougovQZRh5NlDfYRMV__G08F2p54q7_oCqfRapHthfMkbGkhHB1lcOHSJ08h25Cd2epJ6AdSLHsXdELy7PJl53P9jTCuCOnUwn7Q24EaJkNKq11AETltpZZYdmLj6ZgrFyj75Zh5trbNhtK3prtu-Pbcpt3CHKqMuF59WT7WwYR_00NhlJryZKfbqSx6kjSESoQ0Sq8mg6ZLRA6J0Z-6q0HbDbXlPi5qInjtpTuOzaf3zOimNujRat8qaCXJly0ngXLd402Z6SekXzFCdYcodruOc0o9J7z8xWvF2fXze1iU5RwKgD5FcgDY7CFV23rTzlUBTDBmclyYm6kKzYPLrKRJB-nVIgCpm9VsAIqPfBMpYa7c2nnz5vw4CtEF1fbFEp8Be1s2qbyhapSHqTwT5BwCRgaMb9wTzoExXlIjNXgD9g32ICNqZjrDf6uEPhg-P-b6NcQd5LlQ2GFOOLKQGbj6ALHPPbL0T_PeKtYqdOZmh1V4o7qNs5syJTetxc2FU4-fxs_VShHhgfSkMUuMFHkBaEzfmXWhuLjTHlhmmuW30w070aj4kViVFYYwDWuUHQ8ZaUFUz9-QHBKUGt0nPMW8P-oZjfc5YG9XLuP-Btx2KpE5bD2XYtZ42A5P1O5fUE0ZkiOqhcM7r5cWcdZONRBeH-um93Nd7oSuDHPTQr8p22q415hljjXesDKLzB_wpaw5Isye7CcXUzdHD2c7l-WtrHuO2RqWpKHhOWyiM7elSF1kKjG1z6bmgYmZe2S8ClpDsgVlWCMwp9P6rbEdOIjTBZ0Af9LGJObflJxdmF0r5O8YaiZriGQxBkRR1rhY7nWjmj1yDsw5a_aszl7pJ42i3NJGB589snS99Zsj-89GrRet-5uI6YSi_4VvU-B2dxDszZ5ql8MxXlGFP1gYfgOFJ2RdR9Hw4Lf3RAThiXwQzBu0ZTq3ttpkTmAoQUimWIaPk0YNHTo0S7FS0VySb6-EbpD57LF5ZIyFo6Gk8k6kpUqzuV1HTIwhPrPL3e8BDSzLjUp5ZHfc7sq4n4Z-GAkWLJQA8If855bw_HOJDi8DRp9M8y8b6pEtC4jXmBOpUuNeUgcDnP0QRhxFr7IcI4ohM3TCFM&cid=CAASPeRo3g8jddz4zEhOwyNZAL1LxL1s2fzzBLArwmpa13eV-VCPqXO6YwfBObxyrAezzpkF3DU3rwcHti9GjC8&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc82356ef7a919c86e09c2443e566fca222945e2dd484899fab2fb94e0c74cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19795
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BD7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CvrgipRltCQQdS2uv0_dfLRsB0SIOxQFLOcRFqOAONhTqKou_5J5yUMZ8HoV8F11eEevREvzhuqY-k0YHMWVNGxjkzKuSRYhXfSsEvDN0vcyaMf8o
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5BD7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jZB6lo92cduQd2kJl6TN71&DVP_DBM_1=1861733&DVP_DBM_2=18245953&DVP_DBM_3=47028839&DVP_DBM_4=332552067&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30617691154&turl=https://www.correiodopovo.com.br/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
423293fe3c2551b1a4bb465173ceaa7679df304828662b202aad33265b1a101a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 11:55:03 GMT
Server
Microsoft-IIS/10.0
ETag
"5cc948f86e4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 5BD7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0jZB6lo92cduQd2kJl6TN71&DVP_DBM_1=1861733&DVP_DBM_2=18245953&DVP_DBM_3=47028839&DVP_DBM_4=332552067&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30617691154&turl=https://www.correiodopovo.com.br/&DVP_PP_BUNDLE_ID=
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
92585ced325c8cb308504f95b18f6fb8ec1089a52453f9c9b73a30ddf9182ae8

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 09:37:19 GMT
Server
Microsoft-IIS/10.0
ETag
"80b114ba5b4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3133
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5BD7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BD7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5BD7 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
l
www.google.com/ads/measurement/ Frame 5BD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVYNlGC1g0EVL221fU4RIQFLEQ_fJZ8b92uBgvJSc48F4BqGsQOeeeajn7wwhOYSKlZEHD
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F1F8 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 13:19:34 GMT
server
cafe
cache-control
private
content-length
253
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5D4B 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGFOFhH7HB135maUr6WvV_Gws1617X1XyYBGUPy5mVf45xdUHiRq7oNuOZnz3Kp6WRk6BvmhYiFS7Bj_c_C7LpJkJ6nnV62QKsEqDQyT3YUWBqJU8MrPNyk4g1JZK5OpbUADhNr5q8oKc2k8vsrqB9_OG3Kg&dbm_d=AKAmf-APCQyf4PHkjiV1KQx0Wi4iqWuqcrGuQTKtuXw1VScWKeXsA0Oi-SnKOD91tUHRdO0SzCyUxuImRooGO0MdkChNRZ6ojUS1Ton_f3-m7ryNfx9OPvI99XHgFwe5ndadKaMvvA8WGj6iQW2B9OQjBvxO2Z1sbkdKBatu9wqMwCiTu89DJNz-l2nNpYxwR3szVK9yBuoCxMxWIbdE1Xwujg8i21aS9IZuNjigYVqGQBVpvt5rSJAwB-WWJkIQhiW6d748id2TWHmvI87lZkWRG9ktZsDfrbxBzs4V66_2s6juFf0PWmU462xBim9BUnL56eprP1O-yrphOW_C3W9rFGUEDDQiGZWpeyXWZOpefqO6qUnXzjxXXrIdzlGFnYSQXQAfLHvhu3B2K8CujdargDHphUD3kj7cFp9IHYxxW4Ize7AWIBHttuFebP344tg24OG_WYfu5EsMf3O96jqYFvhG9aFaZ4uamOjNhlLtxJ9TaNfXLKXTWlwPX02zwhLe2pgUrtR0Edj_zj0ZX5jXXJI4F13F6gQ6PWxd3nRE1L1-3dcnhlk2II42cYaDfQGx4KCr5srZUiil0b59uams6lL3OEkt_O8V5Sqa5AdZxzIipBotgbUd_MXwrlB9RIq2CM4O7i4e7z6n0kODFDLtGLP0zw2Lq2D3W2otHp1UFLj4sXTLWFAq0Tv7ULgv-niHSDa8p2SepyQUatM-ECUe-jmJgrUEncjpiIlpm9UMQCRH8392Lluw6cg4NsAR26SqRYHj3BGQkJoJIvHvocDT3o4yPhNxhFuiPPNQ6iW5exjA511hvpHcPPARMHva5NvPPqQRLiJKAc9e-ITfEMR2jiOWsO-Hoah3-KP2Xx_OsapaGwESnk0eAuFQYL8m0DmFsdSigi9geQRqUzYRHsmYkZms_N6LCQmJdhjDbsuyyfWGVnL9KXZQUujGT4dRKTemJYM_RzagPRdDGe9CjsPmbUd6T09AV99bqP7Y9qiSbqrWdKFxV_AngJMLdPXRW7f6VWBfgF1T-GD-ZRSB8anYbhvfgwQCj8GbW1qjDGnH8X2kYi8Rsgge9qFnr7ZhZZtgui7nZgz9ru0A_xzRLuMN-Wfl7mS4jkRXGZ_fZbW-4-jAOv1KOlwLKtF1hPzn5eeEBRwuef5vmg9vIyzpdfWJ6-FnqLLGaY20-TsHta6lXC71JydK0Zg1OzFgeq3AFqmEExToF7ZBVThapOtFQFETohg4ZcHK0bxfiTW_91deeKmO6VAKOPUExG9gr4q77UplDNluZMqa7_Dqd5u-lEuba_hSfjlN9Ehwgfkq8z1UNA0S2o7IjBLlV3Q64Zp2rYxIxQsdMvHqjCCDwExyc8hYdUO833eEHlDQtY8DQt9S2xXdrAoQkh-cKPLj8F-VAitNMg-6gPyzzYluY7TX7ROWL7gHB68ruA920U02enWLarTEryOVl4oJh67tCQrDfaM0rUtPjktHenodzgDO_zEDcvW6wBhrepEuMAiXK2KO_HB9rcQDF9uPMfnnv5vOwKTL9kP6Is14lkof0otY_ELrzPHrZAOl3ntG_xjJiDCcQ0rNIHC4YVtCVy78UjIIOnZC1nPvq1vF0WpaSY7ajHTDImGQdjGf8zWUNBxpzBbbzmOR0qL03ajAyttq3_XJ7AoIMRPSA5WO3BWJRxd-JU7uwWU9dSgjhFSsymCrl-Yh3z9ifEYahkIENnIP1aOmvLhjcMJE61Ik8oH_VLl3OmFs6VyU5aQSVMRHSzYjNJIgEq2bRVMKWURtA4_i7k57hOS_9BvdGLdIPQkpz0tqT0612g8vOeIxCVeSHYxUih4HRn7egqCk8i3cw0w0Y6um-tXeWrY1qqpRU25_TpKwNb92q3Owv3NOuESqKICLV0dQgyv6UpiK_Q9dqu29ckdNSEAR2f3KRaTvn4itdfKg8T31C8Wit8Ec4swJYs0qsf1ZP9VUruFeeRSddRUteCFeZARI13tM2TBwSUT2LwyTBgxcazotJlei_9HYpeLlJ-Iq-sVEXzsHqSlLv-CNC-7jEngTv1tj5Bzwbpr6EM8D79U7rsIAZ9EWiwG8dl8rSDS7zhPIDN-QBuVUGRRZ_WCo82hTmQi63zRdxPHqhxdrjTj62B_adnVjSZvfADv1IjTqyUYmtEraXgbgHpq-sN6gmhWM7o4gm1LQvOapWiIAct-NzTT91artH7PyMiAvSQEDOwEN5aZ5tfLrVwLTfQ5p36Yv3dau-7OQ1rPYPrsh1Axn_VgwVmscRhDLi0jA4j4W53YD-laHZAGN7uN-jchpr9DbG1HHl3OZaG3TRLz9QCz-n556TqwEU9SMduEzH5FN7ScGXHOCd5H45N-c1UOYVoj5jOpYdebDhZEQmq6BLtBgVFc1N9E3gUW4BlKfgPtZIB3XJdh-PvCftOCUULljpuaZ6WaAl3qySe5EQHZO8K4yxN4jLzMGBzNM026OpXOiZ5VMXB_5GBJu9MPxE52tXvMmMgd64Ce-Yq9XhnGnrhWgJA0wJAlWvec9lnojkLf_AwUk4vaH0uBFbQw3zK7D6uIOdVmKeYVQ04Hn2bXZI3WmTYK-Lhn6LQgqWfFVQnpkmaPQj1Ou_71fEJcZrQeWPihuUKdSaq7RcwovK9PJ0ukkatkochTriLPNwmRvdzge9pnNCs9tXISGqVCBqVhkDwMWA7SCm3goDiQSifhEjvBcuAj_Bc5l1_2UAF8Ct4YTfW6uGa1ghzvilDhgf7ZSjaUP4slv_ROArdI4EW3Nl6p642t_hG2Q8e4DGAzfmohjS4UgksdW9d-AyvVuu4Tf2QErjnDr7Mwu0ik2jN4xCuhNF4InyVptZYfMf8cfCwl5JPO_RIz-9Ty8_ZfNqQ5zZzIKb9xpfaM6i-hAvPoviV6yMXA6cprC4TH0ulv6D3KAnd7mvE9f3IEOktSTzx4ZvVhHUty7KCQTwXokZj_MFsg6yVUfs9HJXI0tbEwqq26UPP6LZbe2kPsVgR3xhgia6TyiMZQ9rtKk0KQpATACphCL1yOSPgf8DWAZCWHvAvXSVp3x1kiLgdjxv-mMfeXWqrA5uTmdPEBIHu_Ot7He94zytRl2pq0fD-S9A7Fun2AhjUIQU-ADo79k36e1TsrshSXF7pgvdTrsdUYqifZf6_-oj9A6nFExrvj6KIC9wSCztGWkHMfwm9o&cid=CAASPeRoscT_gfvF9wIQ8XP9CvsxECL2TUlwx2HGldc8MuhXpE7voeptX4KOXWNKXZ2u2W4nlVXzg6qo1CZvbeY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdf00f9e3a077552349eaf8c11abce651c9ae58a334821b20202d473a09ad913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24186
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D4B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9Db35ukrDekRqis1x04zoyr1pLTRtqERK0tVy22Np1uqD7_rxsoONTvn8m0vCSs6Vn-KguFkAl0BEW7RpNTSdTjigxv1UPMy-SIwmgXuyiBu1i4U
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5D4B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D4B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5D4B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5946 		276 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNWSMba3Pzb6Ww4p2PoNyQ5fPCVYwkLnu9OJ5qqbXfYdCVJYzuQxmXcxyLwvzmnVC2y14UNP1UOWqiC3M6GmYzLWck-w6VXFDkIwf689hhkAdEUp9u4FHfnqMNNnA4ruTfm3Q-2yRLiN6Z3y-hU-5RRxQUOTgOjIaglP7hznbbNGsmbi1tvMPiRfz6kpplonT3HdIVvfsNG1o7E4KQK9W6SLh6oQBPECeqe9nRtq6B2Sja-JGl4
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
020d5dd9987017d323dd6ed1048e55ea089209f930fc9a70299b8f61c0d95a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNWSMba3Pzb6Ww4p2PoNyQ5fPCVYwkLnu9OJ5qqbXfYdCVJYzuQxmXcxyLwvzmnVC2y14UNP1UOWqiC3M6GmYzLWck-w6VXFDkIwf689hhkAdEUp9u4FHfnqMNNnA4ruTfm3Q-2yRLiN6Z3y-hU-5RRxQUOTgOjIaglP7hznbbNGsmbi1tvMPiRfz6kpplonT3HdIVvfsNG1o7E4KQK9W6SLh6oQBPECeqe9nRtq6B2Sja-JGl4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 13:19:34 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 999D 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARuTDcq99M-gvcv4gpD_V5HogTJjAVxbWEANjdP9AHAqA_G_PrXxxU-CC1qHZU3Bz4Iv4wTOtY-Zq14KGOWooS6vSM-Axigc83pU4N0fy1B2WbZtog6HvNSRPAnfZqfOkKd1YLwp8O-3Xw8CKFH5wAPVVh3Q&dbm_d=AKAmf-Dd7rdmOy5kOEUpP0y82i_Apcd34iOEN_ymTYR9O6r2MNqMAIM9W8yUeTCiG8yeyKdEBq8oMIk1rZ2r6jNAzBDIigN5D0St1kNEd2-Hs_kRcOvSudrkII_RAD1SI6Tf-kaJ7FY3s1MSRlXPU2wTVBo_kEhFo0mvpc6NAmUcvMmeAZ_mVodegUIyN3zEttRDA6KJdbnZCmNSClD-88NcR2E9zL0Peon-yfYYXAXN2-hOIjJRn6eHQGM9GmWkxnDCqHKSGgRWviAHW6SH-VNwANFddVMQZPFa0R6ZX4KU4YdGFSKyHdbMMZm6yqjnNHKD6AnQXOg3H-Xw25fv4kuK9WSIBuxVrnN_bRZMRtY-7xExWuwoyDJj4aj5VMljkqt3ASlfHA33hT12uavXoVEkiOPiBjd74v-Y3LdUhD3FayPJ4d36e0rJ3RuhvR-VD6vSB7sf7nE3txiBh0SBnTfccvvvijJPTxaclu_wBfizcN-lXY3HzfKuUBsrSS07s4MfV-s7bHUrMg4hiH32wTTBQYcPFMetebzlY1h5TulHyA7-n61_Ee4_uTisECpQTXu6oH9LNa9lpZN48TU4O3_U9g6Z9YExGkLLOly2gZXGiuaEKVoLLwaJsIyOmuT1ZgG7IrmlhSnCIqakPUda2qW7AbrVemWs3ouIe4PaCQtgiL7fFbRXroaKEwzGEfVehZKc6TPo35NpJ4AW-ccRJptEvsjzI1Vv1bicB4T1NYTDpLSCynVo_NbhJ0EMr_McmvojNje8PxeRO4VISZQw8aMKzRSYAJfhdt245a4QxjatYbt4uGJqAae_cIg9jYGykD257bTS5SMJiel6fviPKqCq1drmuzMc3KD2uKkp5EzMoHOoi8U88fsLDkcXaN7c7_8blGWl7k-Z2GFeu7j_3bqxWWfOKomZBUWpPLBOZ_0SPA2e2QmapYqhOQW_kro8jUvxEhGzFBcvXNDzJANvBPnpK-OKV7X4JNPOhmeVRBzyYu_FKk_2xXOhrIa5ye5Me70HZaaK-u-v5xiTWAGnFpLUA706maL2OX9_CMAC7d9j_OHSIJ6YgfA0TdDAfWw-PFDvCeymXKArcAV1zk5JhFcK9H4gMPsg1pEGqByIYmX_mZTLVBIKn2ao40DwEE-TwK3kS0NCQ96Ck8JVN-mYVhxrrKg6BLFYZTBbhRY0lW9U0D3aMgLSpc87z82Yg04-BXSABaxVawTQHJ21CvROL-DICqL-xOpW927IAeZ8bxBcSe6sU9PzVxufWjNVQ27h0En9ImKmM4VcuYhUnA79b4Fkc2nfs1CjYDKpvkFZcfGNPcUd9Jsj3_cVNCE94OtcrF9JQKn8_lxuPLU241B9GFL8zMk0SDLHyCnd9jg_50zbb7nERJNxB4q1ElMMjSSmbnlvbM9CEAyAoRMBNqpPHLpX0mCsI2Wq7qkl_XLcn1tTspH9Y6696fTHq0eIYcL5cPCGasUFGKA2E7JmybIGU2AY8ehCToDZjYcSL9Fk39xqn5VZNjqLtyXOCVg9CD-vBpPv7i4TjdA2o08PkekS6kt_yLnYpngsUUVdzfNpw6MaImOhpaClNgqODrW_NKreRXx17OgWyNae0r8Z4gxtC0pf5nDLu_YlQ9ysfv1XD8C1Tg5WJ2Du88dsuAxniMHvAuUFa7MBkqkF2fCsf8JkUReFhBrosRlEV9qTHdBNZvaws804tx6AZFAyg7Ug1VZ3Lpj-9qendWHJIv6Fs2GQkeuiQ_qylkfw3hGjE7DIBbxp4sFapMxvk8Z7eyztc-QmJFuZ7frG5j8IhkLhX9N1LkNpUXPMHnLorFLTt8Z93YEKxH3tP62vli3jqrhbl5CLy4PhfoyMXJDzknwyWu2WC1OtXwHW87Xne-px7EM4pRgfETLynnlJ1nXPehB7P2N6CBQu-ap0cTNFuLlMlpYG91hD2LOrgFUA_DN9vTGqlW_rqnwRz3TFXo9ix9yEtcLM1Cb_dlR5MPyPVMMkaC3kgDPalvTIATH2zPaHx4I7D1x9o6x2gUhpFVOJwzpsZt86KpdKLjrxFX5GpW6uzF7nZ1dkiWdsY7qLkjPeMbD0rIlsqNbViWuXtJ23bTLm8rO5z5Hrrpud6MEtame0wled6W6AarteErKbqYmkrRAETLnb-eoGBtDxnCa8tyQEWiP_LJGw1SgKYEqhSrHmVeZ64UgaBoa3u49KApLfrXgPPL9ACwG96n8tc0c49jC_cBdRVW0ZV7gwAzqQ0gt9p0uKUux9KAeCj1Y3gXrBNWpLRAWzy_Zr0zQyEFO_czKw2Ncyb8-7QneRXAy2xTn6wK6KwlAWnUIxW3Mo3aeqIn94nPsnQmhNq4pAWwUtwTStiEVBT6qxOpH7pVTwT8YZEkj3aZ-FLHt_rBqlM7j4NAINXHRFXX6glwknQxheffvcLvk9tEXhzDhFwf-WYo3TjyMxJvIQY85-ly3_PUhs1liL-JjIpBvIR1B51PqyJBNOGZpv_Pmp57kpht8FHE4DBdL8WeoOgcCCb-S087n-5gYe-mF0S1XbfboPGS_9YF3yFt5PTI9BT3u-V-A75VnDVhdrY79qzf-7hxAFSW9kO72yqu1xyM9eNScB6AzqDxxTzWc9CVJG0Oo4JZPCdy8UQ5vbApEu8SmzzlNnmE_iBxeRIvA61ZU7T9ACfhRhM9AYEBCFWED7YaSrUcNu2GO59MGwzSCTMRKgi9rDFmMnjYP66gWpi3ZaWAQVKnNUX0G_X-0-HF5FaqWtYuaY0sY4wthwqdan0nliNadiVlCWdfVWzXacKAE0w2eUEISQgY3R7Q0DSM7S8WXPdxm6LmAsEPE_xqWKcMe12PN9HahE6u9KSe1AColbb1w3AUlgBrWHXDgubeYaL6WfsBBKSBGEJyRdybtKI6UIJKh-dqyuvCQ8IE78CEkSNqtHxPiovSMAsYBRH6lUv0GEPWy7NONGxAsuRsAb3Ej8nHbKU8dtGjT2f9-oLXsfWmc0EyMmiky902EYHNwfz7yeDXn3mHLWHhEfu3KhF-9qdzK5ZRNRs3H-kHTs4N__KxH6ADVBoCONNIa3lQCsluU9XRit1VKFeSCWluh1eJT_gAWPAZx06jVZL2CyTVqJT1uswVg-mipzza6-v8XCwj8pSCzyj98TVWUW1vbvAoSCXQAmEFzzCkNGZsRHE4NUxUQGt3s&cid=CAASPeRofvHPILsunp664YvLTxMJpfox0iCsYBG5BGZ36kChplm_xwL4dKXhPt7DvdCBqKDbiZiSA5El-PbJ8lY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d6899ddcbaa1e6a2ae48d5a26995131b3e19998b4e62ce30682ca52ed4fc04e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 999D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeVj2RStMLzAxTDKCLJeMgxnoZNLGoA6gjHRdJ965ptbzq4Hmx5a-Jofnq8ee7c-1oh23hpW_WYWbcvL7AskmITrJPuIAKeAgHc9yRZMw81sIVsS4
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 999D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 999D 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 999D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
l
www.google.com/ads/measurement/ Frame 999D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjdJSFdNyidL6hfLbtRSOtmOkyfiSN1m71hHAopQXBNeijaDMkWZOjpzelcJV06s9BrjLp
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame 475A 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 475A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 475A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 50A5 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ed220fe446b0b7ff457f877e80b70aad1cdfed9d8cf6b596f6d0249fcd4eac5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 13:19:35 GMT
server
cafe
content-length
6701
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 475A 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
cors
data.ad-score.com/score/ 		52 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.correiodopovo.com.br&l1=3680&l2=correiodopovo.com.br&l3=DK&l4=desktop&cb=0.22375155033439031
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.647/ins.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:34 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
52
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame FE17 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
generate_204
www.youtube.com/ Frame FE17 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?1o5oQA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
2267922346-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame E288 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2267922346-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3de90a9266115ffeaea8148d0604ae89e3eeab3105a52bf9e3a90268319ec629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 12:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 05 May 2021 00:36:36 GMT
server
sffe
age
176262
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39141
x-xss-protection
0
expires
Wed, 18 May 2022 12:21:52 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ Frame 5292 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:34 GMT
bulk
trc.taboola.com/correiodopovo/log/3/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/log/3/bulk?tvi2=84&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
53
pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1621516775.517171,VS0,VE53
x-served-by
cache-hhn11580-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eaa924137eb4de4bad4170cf06d147f14b859451245907bc88ca52e4c7febdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586245
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9510
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:49 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 6DD0 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1889
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 May 2021 12:48:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 6DD0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bnfk1jXnb-Do5Y5n1VppYzUTDel8926HZOLFY7EyVi7yEU_gCCTySvbRez4qnq42-EHjN5G-2Fvn98QBq-uq19bnxOwdrrOm9wydB9_m6w0cm01SMxT9zzs3dm79dn8AO8VgkxxjXtO-lPAOfdMl95WNm-lw&dbm_d=AKAmf-DFdPJm2Tw8DLD5K7Vuxae7CCLdvfr6Fi4lFHpsKHO4B_2f42lcaWB-lLUpcyeCUGNAoeJNUyPmIyzQzuLxo95HNy9voYk8TV3MsUgwFIrx3-XBkGCPmw3Zu3LU-INKmlK16qGpVld21vtjxj0OgCkMC3QV5pLZU8Tfyy9TELswDE4vKO3_Bd4ZABqJJtuD_5cBnQrM0FaOox6fFT4e3gOQg73jSl7xnOagyj3y40CxvFg8ShMS90sUUhR6h7NFAp0IKseRtZJX6R3TI6H_9I2xrljBnqF4mjey87FxeIIvnGcsH0xRIQNMcpgAF0AGzWeXglwJbKHR6yFVER-iFbFTw-n2vqVOfYHvodMj8glK0Bwp4_qI4Q2FtKrKMMErl_MXUOLraZyZ4EEXVyNPZxEQ6Dr3RHk7RiPlKBc24rKM02HPdgdwg1Vw2_BE74yElMYgNAUh10yGTx4SQppAhoCtAgIaVbp9d97-Yt3T1luZt1kTq3rBihIvAUSok4-5vKv__rkrR9du2_SH6YfuDXQgkiIXXHv3zfdYdnPmkjaM9qy3CfIjASYsAogEROcQ4TX5NGtezJPNPXDtz-bGXKgnredKGXmFlKVqVSs4p4d78gqbvGSRPyAOhy4D0f6-ADy73QmkZRUw1Gjagmz3hnC0VvUPIJuanyUnekp8tCtC20j7Db2Ael4CFKqAlGTBL5uLMxJzhQ3gP5rOmaFhiWGOZ4vz98-y61fEfPYjjkR5U5MAzgXC4yHrIQ40aTZCvcCqHYAm_OnXQRS_z7tUTmMvQsdCkkyr527ofQpiWFOq78d2VWyUowhYHO--v-t7aKKonC07lOx8jEJ2vf2Pk6_2lM9yzHeWETS_iifa_vpKSEBFDhzGeeO5hVnQcbgUK0CdIECXgmbL9YVzIXgsuYZFaXNPfwPxemgtQlyMecw8hGgQWqctSH9-R6wN0gBpa5b2atx7pRsUdkFEGc7OV-NZNMHNqaGgjBPL2bBr4hX956nP2eLSrbmf86opiWFfVbzs_stp8B1vDqm8kMVjmTHiNA8idBsRZyLwvfPtlECGgX7MwhIwGZcZgardc6ArSeUNjdCSQfw6NxFsw1w-_Fp7OfiBhRsuArMIa7-dFyho_F0o-WVecNwIPT_v4seZY1Q3BEQaAwQeQ_hr13Y-Q2RFAKFliayHUnvG60W1M1f7-iVWPfs0ejuC21G1-8w_dcfvHnUNVNl_2HuNK2TMADx6ys8L6ZrP99IZqErMfKPslA5PyNdmVNe7oSes_2VSoTifTy8a6BTRxIBexmHLl2AGKVongVjQnLCWzMpys_ZlK5WPxmq-V8RXapzMxmj2NPu3I21Wxw0m3HWKwx6ZBphw0HnEh9Ya2qfbXYW65pRRiz-KIFm8ELRXOw9idreUajBUN0iWzK84Udp7JH0aZVmg9MjTvnAN1cxOj9ENt9PojD9xxWaNtBdrT7t-lgh2LxzK081HE77f3k7hIg102VWezL5S4LvC-xEzGCeD3yND5ZzTin2KbezU79o_fE2HTdGc2uBEXY5ovFi2_8vxxxd_MvInHTzo9s8RuUF0azZvyq9bVQpAjf0iJQjbjJDMSPk4OktGn2dvUW2wmLQklDjTK_5CarLZVmOhRHov477bPCaTJpxFKkxpWFIjVmi1DGnZq-CCba_6tmWgsfX2KWxsdjm6GX3MOGpbGu45DlWsiqn5cDJpv2xcbtDH29N3R-BmCQYbrhIPrF-I9wMM0bI_kwuX6jhpU2QnU6sh9Cwaz1MzTQmXYP8i5GOVhoAmkdLW6nGS_awUqfwmBj4txVjvvDvUfulPBJ548RVDTxilGP9_cbEWaFMQ0475Sf5kBc_Ob5SeB8a9qG5IsQ9pW78-jgBOkop0dUU5EtUq-XxsnlCbJT-Qd6s74y67Ur88dXD5FKL-K1AeEMCgZE9osSNG2lMqqeSXOv0TRJT6LUWOBC0MS0jKkk4Y9zDyMtpiH5X5XAhW4ycvWqZ6amrs6CLCw_1_0w3YMZDTTC-vL80I_QCLP4rBhuPfuryoR70tvJuNdQDfxHbSoMCENFG1FlA-sBKVlNaaARDrfV_9LpEjeDVAT263aXBjwWnCrvPOtoiusiapOESfV1-sQ1t1IJE0RTAJWLaE98vNrR5PmwfHMV-IOJH0kNZ-mT_wPuJzp-I0B883Uj5nZMG6klWtxPshYDz0IK-0Yl8bN1PWAx6MSlKnWYGYaons3I-8GJTF8N_pzwFpRnHNjFjkDuS2WLSgDrcIoo2_HgEOE4tpxzvTlD5-ZLrxCYGTQRpKVAX3nX5TNCtyTbImU2EgbbitfmfCOqJIrjUMMfRszRSSpb9MZzdsRlbhGC2gT7-80tx_clLIpvD2eyBlq3IkoBEXqdasNkj0CEjomLG6yUNAScoPIm4656zs0GWeF4EIMFA-bp4uBOkWJmjfPPT-xL3jQ5MtGlQxzUq0egBzRE-2RCjKS-qN0Oke6dQ_cnN_vyXXke2Klv-8EGND5LbctWb8B-fW-KNsQdgd39PPvk2rSfmo1v_ofzCTXHAobmkaiW1LqUfSN4pGLc4_5XPhT9sYjgrsHn3Gph-2GSREKfv5TnIxb7NVVY4eHw8Hxts_kVnMZgqExaOHHt14W65RyuAvWTVsAmfs9c4SCxBSeJklCYYz3BeQ9UKn2vmqsCMSrwG_R-pb2m9B8FLlZb-UW3xkMlE5HiMI5XE1GKCopHbvmFL91WXqQiu8W4A-PJ-zGl48hxsSDdhBCK_8waENNT1bYntmXsuIH01tLG3iDwjEgqay6YampA2auiS7-YAJzz9-60LUHgHuGlwLsY9UmI1r3WW2N0sKpApPMMPXK6KXdOhKNKOdLyn4jhnVuPeFCAUhLKkiNha9mpiLitFKCffQz-GR4rsMouiuUTJ8MAaE6gn4YE6zUNg0_Ak2D_Mt_qQtrUiwsbDj59t1Ihs8nOKoLDkpakL_M7_9NQZPHr8Lgdh0CsAJp7uB8u58CfS3FgBg_qCiiQy9MnCIkWRpqayGNMYJPVQ1EHyeUKXy5OKp7Qke4DkBVjhPOxiN0gKXjEeU_DI2UpGtyRc52aZLqI2aCwNUZHGWVXNfCPOCig32MitBnT23_y_bpHgp5DZB_SDCl1p74RA8_3jT2LcwA-5ORWJp_1JaRHr3zTz8s5tX3EOl6ytxdCQ&cid=CAASPeRo9Wed5ufrqJqHwFiGkfQP-VfHtBnTb5MnwtRdVcWCpTxVy60Fb9ymG-HlcMSy-GqwI3v3Bu4qK1okUhk&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 6DD0 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bnfk1jXnb-Do5Y5n1VppYzUTDel8926HZOLFY7EyVi7yEU_gCCTySvbRez4qnq42-EHjN5G-2Fvn98QBq-uq19bnxOwdrrOm9wydB9_m6w0cm01SMxT9zzs3dm79dn8AO8VgkxxjXtO-lPAOfdMl95WNm-lw&dbm_d=AKAmf-DFdPJm2Tw8DLD5K7Vuxae7CCLdvfr6Fi4lFHpsKHO4B_2f42lcaWB-lLUpcyeCUGNAoeJNUyPmIyzQzuLxo95HNy9voYk8TV3MsUgwFIrx3-XBkGCPmw3Zu3LU-INKmlK16qGpVld21vtjxj0OgCkMC3QV5pLZU8Tfyy9TELswDE4vKO3_Bd4ZABqJJtuD_5cBnQrM0FaOox6fFT4e3gOQg73jSl7xnOagyj3y40CxvFg8ShMS90sUUhR6h7NFAp0IKseRtZJX6R3TI6H_9I2xrljBnqF4mjey87FxeIIvnGcsH0xRIQNMcpgAF0AGzWeXglwJbKHR6yFVER-iFbFTw-n2vqVOfYHvodMj8glK0Bwp4_qI4Q2FtKrKMMErl_MXUOLraZyZ4EEXVyNPZxEQ6Dr3RHk7RiPlKBc24rKM02HPdgdwg1Vw2_BE74yElMYgNAUh10yGTx4SQppAhoCtAgIaVbp9d97-Yt3T1luZt1kTq3rBihIvAUSok4-5vKv__rkrR9du2_SH6YfuDXQgkiIXXHv3zfdYdnPmkjaM9qy3CfIjASYsAogEROcQ4TX5NGtezJPNPXDtz-bGXKgnredKGXmFlKVqVSs4p4d78gqbvGSRPyAOhy4D0f6-ADy73QmkZRUw1Gjagmz3hnC0VvUPIJuanyUnekp8tCtC20j7Db2Ael4CFKqAlGTBL5uLMxJzhQ3gP5rOmaFhiWGOZ4vz98-y61fEfPYjjkR5U5MAzgXC4yHrIQ40aTZCvcCqHYAm_OnXQRS_z7tUTmMvQsdCkkyr527ofQpiWFOq78d2VWyUowhYHO--v-t7aKKonC07lOx8jEJ2vf2Pk6_2lM9yzHeWETS_iifa_vpKSEBFDhzGeeO5hVnQcbgUK0CdIECXgmbL9YVzIXgsuYZFaXNPfwPxemgtQlyMecw8hGgQWqctSH9-R6wN0gBpa5b2atx7pRsUdkFEGc7OV-NZNMHNqaGgjBPL2bBr4hX956nP2eLSrbmf86opiWFfVbzs_stp8B1vDqm8kMVjmTHiNA8idBsRZyLwvfPtlECGgX7MwhIwGZcZgardc6ArSeUNjdCSQfw6NxFsw1w-_Fp7OfiBhRsuArMIa7-dFyho_F0o-WVecNwIPT_v4seZY1Q3BEQaAwQeQ_hr13Y-Q2RFAKFliayHUnvG60W1M1f7-iVWPfs0ejuC21G1-8w_dcfvHnUNVNl_2HuNK2TMADx6ys8L6ZrP99IZqErMfKPslA5PyNdmVNe7oSes_2VSoTifTy8a6BTRxIBexmHLl2AGKVongVjQnLCWzMpys_ZlK5WPxmq-V8RXapzMxmj2NPu3I21Wxw0m3HWKwx6ZBphw0HnEh9Ya2qfbXYW65pRRiz-KIFm8ELRXOw9idreUajBUN0iWzK84Udp7JH0aZVmg9MjTvnAN1cxOj9ENt9PojD9xxWaNtBdrT7t-lgh2LxzK081HE77f3k7hIg102VWezL5S4LvC-xEzGCeD3yND5ZzTin2KbezU79o_fE2HTdGc2uBEXY5ovFi2_8vxxxd_MvInHTzo9s8RuUF0azZvyq9bVQpAjf0iJQjbjJDMSPk4OktGn2dvUW2wmLQklDjTK_5CarLZVmOhRHov477bPCaTJpxFKkxpWFIjVmi1DGnZq-CCba_6tmWgsfX2KWxsdjm6GX3MOGpbGu45DlWsiqn5cDJpv2xcbtDH29N3R-BmCQYbrhIPrF-I9wMM0bI_kwuX6jhpU2QnU6sh9Cwaz1MzTQmXYP8i5GOVhoAmkdLW6nGS_awUqfwmBj4txVjvvDvUfulPBJ548RVDTxilGP9_cbEWaFMQ0475Sf5kBc_Ob5SeB8a9qG5IsQ9pW78-jgBOkop0dUU5EtUq-XxsnlCbJT-Qd6s74y67Ur88dXD5FKL-K1AeEMCgZE9osSNG2lMqqeSXOv0TRJT6LUWOBC0MS0jKkk4Y9zDyMtpiH5X5XAhW4ycvWqZ6amrs6CLCw_1_0w3YMZDTTC-vL80I_QCLP4rBhuPfuryoR70tvJuNdQDfxHbSoMCENFG1FlA-sBKVlNaaARDrfV_9LpEjeDVAT263aXBjwWnCrvPOtoiusiapOESfV1-sQ1t1IJE0RTAJWLaE98vNrR5PmwfHMV-IOJH0kNZ-mT_wPuJzp-I0B883Uj5nZMG6klWtxPshYDz0IK-0Yl8bN1PWAx6MSlKnWYGYaons3I-8GJTF8N_pzwFpRnHNjFjkDuS2WLSgDrcIoo2_HgEOE4tpxzvTlD5-ZLrxCYGTQRpKVAX3nX5TNCtyTbImU2EgbbitfmfCOqJIrjUMMfRszRSSpb9MZzdsRlbhGC2gT7-80tx_clLIpvD2eyBlq3IkoBEXqdasNkj0CEjomLG6yUNAScoPIm4656zs0GWeF4EIMFA-bp4uBOkWJmjfPPT-xL3jQ5MtGlQxzUq0egBzRE-2RCjKS-qN0Oke6dQ_cnN_vyXXke2Klv-8EGND5LbctWb8B-fW-KNsQdgd39PPvk2rSfmo1v_ofzCTXHAobmkaiW1LqUfSN4pGLc4_5XPhT9sYjgrsHn3Gph-2GSREKfv5TnIxb7NVVY4eHw8Hxts_kVnMZgqExaOHHt14W65RyuAvWTVsAmfs9c4SCxBSeJklCYYz3BeQ9UKn2vmqsCMSrwG_R-pb2m9B8FLlZb-UW3xkMlE5HiMI5XE1GKCopHbvmFL91WXqQiu8W4A-PJ-zGl48hxsSDdhBCK_8waENNT1bYntmXsuIH01tLG3iDwjEgqay6YampA2auiS7-YAJzz9-60LUHgHuGlwLsY9UmI1r3WW2N0sKpApPMMPXK6KXdOhKNKOdLyn4jhnVuPeFCAUhLKkiNha9mpiLitFKCffQz-GR4rsMouiuUTJ8MAaE6gn4YE6zUNg0_Ak2D_Mt_qQtrUiwsbDj59t1Ihs8nOKoLDkpakL_M7_9NQZPHr8Lgdh0CsAJp7uB8u58CfS3FgBg_qCiiQy9MnCIkWRpqayGNMYJPVQ1EHyeUKXy5OKp7Qke4DkBVjhPOxiN0gKXjEeU_DI2UpGtyRc52aZLqI2aCwNUZHGWVXNfCPOCig32MitBnT23_y_bpHgp5DZB_SDCl1p74RA8_3jT2LcwA-5ORWJp_1JaRHr3zTz8s5tX3EOl6ytxdCQ&cid=CAASPeRo9Wed5ufrqJqHwFiGkfQP-VfHtBnTb5MnwtRdVcWCpTxVy60Fb9ymG-HlcMSy-GqwI3v3Bu4qK1okUhk&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:45 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 5D4B 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1889
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 May 2021 12:48:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 5D4B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGFOFhH7HB135maUr6WvV_Gws1617X1XyYBGUPy5mVf45xdUHiRq7oNuOZnz3Kp6WRk6BvmhYiFS7Bj_c_C7LpJkJ6nnV62QKsEqDQyT3YUWBqJU8MrPNyk4g1JZK5OpbUADhNr5q8oKc2k8vsrqB9_OG3Kg&dbm_d=AKAmf-APCQyf4PHkjiV1KQx0Wi4iqWuqcrGuQTKtuXw1VScWKeXsA0Oi-SnKOD91tUHRdO0SzCyUxuImRooGO0MdkChNRZ6ojUS1Ton_f3-m7ryNfx9OPvI99XHgFwe5ndadKaMvvA8WGj6iQW2B9OQjBvxO2Z1sbkdKBatu9wqMwCiTu89DJNz-l2nNpYxwR3szVK9yBuoCxMxWIbdE1Xwujg8i21aS9IZuNjigYVqGQBVpvt5rSJAwB-WWJkIQhiW6d748id2TWHmvI87lZkWRG9ktZsDfrbxBzs4V66_2s6juFf0PWmU462xBim9BUnL56eprP1O-yrphOW_C3W9rFGUEDDQiGZWpeyXWZOpefqO6qUnXzjxXXrIdzlGFnYSQXQAfLHvhu3B2K8CujdargDHphUD3kj7cFp9IHYxxW4Ize7AWIBHttuFebP344tg24OG_WYfu5EsMf3O96jqYFvhG9aFaZ4uamOjNhlLtxJ9TaNfXLKXTWlwPX02zwhLe2pgUrtR0Edj_zj0ZX5jXXJI4F13F6gQ6PWxd3nRE1L1-3dcnhlk2II42cYaDfQGx4KCr5srZUiil0b59uams6lL3OEkt_O8V5Sqa5AdZxzIipBotgbUd_MXwrlB9RIq2CM4O7i4e7z6n0kODFDLtGLP0zw2Lq2D3W2otHp1UFLj4sXTLWFAq0Tv7ULgv-niHSDa8p2SepyQUatM-ECUe-jmJgrUEncjpiIlpm9UMQCRH8392Lluw6cg4NsAR26SqRYHj3BGQkJoJIvHvocDT3o4yPhNxhFuiPPNQ6iW5exjA511hvpHcPPARMHva5NvPPqQRLiJKAc9e-ITfEMR2jiOWsO-Hoah3-KP2Xx_OsapaGwESnk0eAuFQYL8m0DmFsdSigi9geQRqUzYRHsmYkZms_N6LCQmJdhjDbsuyyfWGVnL9KXZQUujGT4dRKTemJYM_RzagPRdDGe9CjsPmbUd6T09AV99bqP7Y9qiSbqrWdKFxV_AngJMLdPXRW7f6VWBfgF1T-GD-ZRSB8anYbhvfgwQCj8GbW1qjDGnH8X2kYi8Rsgge9qFnr7ZhZZtgui7nZgz9ru0A_xzRLuMN-Wfl7mS4jkRXGZ_fZbW-4-jAOv1KOlwLKtF1hPzn5eeEBRwuef5vmg9vIyzpdfWJ6-FnqLLGaY20-TsHta6lXC71JydK0Zg1OzFgeq3AFqmEExToF7ZBVThapOtFQFETohg4ZcHK0bxfiTW_91deeKmO6VAKOPUExG9gr4q77UplDNluZMqa7_Dqd5u-lEuba_hSfjlN9Ehwgfkq8z1UNA0S2o7IjBLlV3Q64Zp2rYxIxQsdMvHqjCCDwExyc8hYdUO833eEHlDQtY8DQt9S2xXdrAoQkh-cKPLj8F-VAitNMg-6gPyzzYluY7TX7ROWL7gHB68ruA920U02enWLarTEryOVl4oJh67tCQrDfaM0rUtPjktHenodzgDO_zEDcvW6wBhrepEuMAiXK2KO_HB9rcQDF9uPMfnnv5vOwKTL9kP6Is14lkof0otY_ELrzPHrZAOl3ntG_xjJiDCcQ0rNIHC4YVtCVy78UjIIOnZC1nPvq1vF0WpaSY7ajHTDImGQdjGf8zWUNBxpzBbbzmOR0qL03ajAyttq3_XJ7AoIMRPSA5WO3BWJRxd-JU7uwWU9dSgjhFSsymCrl-Yh3z9ifEYahkIENnIP1aOmvLhjcMJE61Ik8oH_VLl3OmFs6VyU5aQSVMRHSzYjNJIgEq2bRVMKWURtA4_i7k57hOS_9BvdGLdIPQkpz0tqT0612g8vOeIxCVeSHYxUih4HRn7egqCk8i3cw0w0Y6um-tXeWrY1qqpRU25_TpKwNb92q3Owv3NOuESqKICLV0dQgyv6UpiK_Q9dqu29ckdNSEAR2f3KRaTvn4itdfKg8T31C8Wit8Ec4swJYs0qsf1ZP9VUruFeeRSddRUteCFeZARI13tM2TBwSUT2LwyTBgxcazotJlei_9HYpeLlJ-Iq-sVEXzsHqSlLv-CNC-7jEngTv1tj5Bzwbpr6EM8D79U7rsIAZ9EWiwG8dl8rSDS7zhPIDN-QBuVUGRRZ_WCo82hTmQi63zRdxPHqhxdrjTj62B_adnVjSZvfADv1IjTqyUYmtEraXgbgHpq-sN6gmhWM7o4gm1LQvOapWiIAct-NzTT91artH7PyMiAvSQEDOwEN5aZ5tfLrVwLTfQ5p36Yv3dau-7OQ1rPYPrsh1Axn_VgwVmscRhDLi0jA4j4W53YD-laHZAGN7uN-jchpr9DbG1HHl3OZaG3TRLz9QCz-n556TqwEU9SMduEzH5FN7ScGXHOCd5H45N-c1UOYVoj5jOpYdebDhZEQmq6BLtBgVFc1N9E3gUW4BlKfgPtZIB3XJdh-PvCftOCUULljpuaZ6WaAl3qySe5EQHZO8K4yxN4jLzMGBzNM026OpXOiZ5VMXB_5GBJu9MPxE52tXvMmMgd64Ce-Yq9XhnGnrhWgJA0wJAlWvec9lnojkLf_AwUk4vaH0uBFbQw3zK7D6uIOdVmKeYVQ04Hn2bXZI3WmTYK-Lhn6LQgqWfFVQnpkmaPQj1Ou_71fEJcZrQeWPihuUKdSaq7RcwovK9PJ0ukkatkochTriLPNwmRvdzge9pnNCs9tXISGqVCBqVhkDwMWA7SCm3goDiQSifhEjvBcuAj_Bc5l1_2UAF8Ct4YTfW6uGa1ghzvilDhgf7ZSjaUP4slv_ROArdI4EW3Nl6p642t_hG2Q8e4DGAzfmohjS4UgksdW9d-AyvVuu4Tf2QErjnDr7Mwu0ik2jN4xCuhNF4InyVptZYfMf8cfCwl5JPO_RIz-9Ty8_ZfNqQ5zZzIKb9xpfaM6i-hAvPoviV6yMXA6cprC4TH0ulv6D3KAnd7mvE9f3IEOktSTzx4ZvVhHUty7KCQTwXokZj_MFsg6yVUfs9HJXI0tbEwqq26UPP6LZbe2kPsVgR3xhgia6TyiMZQ9rtKk0KQpATACphCL1yOSPgf8DWAZCWHvAvXSVp3x1kiLgdjxv-mMfeXWqrA5uTmdPEBIHu_Ot7He94zytRl2pq0fD-S9A7Fun2AhjUIQU-ADo79k36e1TsrshSXF7pgvdTrsdUYqifZf6_-oj9A6nFExrvj6KIC9wSCztGWkHMfwm9o&cid=CAASPeRoscT_gfvF9wIQ8XP9CvsxECL2TUlwx2HGldc8MuhXpE7voeptX4KOXWNKXZ2u2W4nlVXzg6qo1CZvbeY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5D4B 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGFOFhH7HB135maUr6WvV_Gws1617X1XyYBGUPy5mVf45xdUHiRq7oNuOZnz3Kp6WRk6BvmhYiFS7Bj_c_C7LpJkJ6nnV62QKsEqDQyT3YUWBqJU8MrPNyk4g1JZK5OpbUADhNr5q8oKc2k8vsrqB9_OG3Kg&dbm_d=AKAmf-APCQyf4PHkjiV1KQx0Wi4iqWuqcrGuQTKtuXw1VScWKeXsA0Oi-SnKOD91tUHRdO0SzCyUxuImRooGO0MdkChNRZ6ojUS1Ton_f3-m7ryNfx9OPvI99XHgFwe5ndadKaMvvA8WGj6iQW2B9OQjBvxO2Z1sbkdKBatu9wqMwCiTu89DJNz-l2nNpYxwR3szVK9yBuoCxMxWIbdE1Xwujg8i21aS9IZuNjigYVqGQBVpvt5rSJAwB-WWJkIQhiW6d748id2TWHmvI87lZkWRG9ktZsDfrbxBzs4V66_2s6juFf0PWmU462xBim9BUnL56eprP1O-yrphOW_C3W9rFGUEDDQiGZWpeyXWZOpefqO6qUnXzjxXXrIdzlGFnYSQXQAfLHvhu3B2K8CujdargDHphUD3kj7cFp9IHYxxW4Ize7AWIBHttuFebP344tg24OG_WYfu5EsMf3O96jqYFvhG9aFaZ4uamOjNhlLtxJ9TaNfXLKXTWlwPX02zwhLe2pgUrtR0Edj_zj0ZX5jXXJI4F13F6gQ6PWxd3nRE1L1-3dcnhlk2II42cYaDfQGx4KCr5srZUiil0b59uams6lL3OEkt_O8V5Sqa5AdZxzIipBotgbUd_MXwrlB9RIq2CM4O7i4e7z6n0kODFDLtGLP0zw2Lq2D3W2otHp1UFLj4sXTLWFAq0Tv7ULgv-niHSDa8p2SepyQUatM-ECUe-jmJgrUEncjpiIlpm9UMQCRH8392Lluw6cg4NsAR26SqRYHj3BGQkJoJIvHvocDT3o4yPhNxhFuiPPNQ6iW5exjA511hvpHcPPARMHva5NvPPqQRLiJKAc9e-ITfEMR2jiOWsO-Hoah3-KP2Xx_OsapaGwESnk0eAuFQYL8m0DmFsdSigi9geQRqUzYRHsmYkZms_N6LCQmJdhjDbsuyyfWGVnL9KXZQUujGT4dRKTemJYM_RzagPRdDGe9CjsPmbUd6T09AV99bqP7Y9qiSbqrWdKFxV_AngJMLdPXRW7f6VWBfgF1T-GD-ZRSB8anYbhvfgwQCj8GbW1qjDGnH8X2kYi8Rsgge9qFnr7ZhZZtgui7nZgz9ru0A_xzRLuMN-Wfl7mS4jkRXGZ_fZbW-4-jAOv1KOlwLKtF1hPzn5eeEBRwuef5vmg9vIyzpdfWJ6-FnqLLGaY20-TsHta6lXC71JydK0Zg1OzFgeq3AFqmEExToF7ZBVThapOtFQFETohg4ZcHK0bxfiTW_91deeKmO6VAKOPUExG9gr4q77UplDNluZMqa7_Dqd5u-lEuba_hSfjlN9Ehwgfkq8z1UNA0S2o7IjBLlV3Q64Zp2rYxIxQsdMvHqjCCDwExyc8hYdUO833eEHlDQtY8DQt9S2xXdrAoQkh-cKPLj8F-VAitNMg-6gPyzzYluY7TX7ROWL7gHB68ruA920U02enWLarTEryOVl4oJh67tCQrDfaM0rUtPjktHenodzgDO_zEDcvW6wBhrepEuMAiXK2KO_HB9rcQDF9uPMfnnv5vOwKTL9kP6Is14lkof0otY_ELrzPHrZAOl3ntG_xjJiDCcQ0rNIHC4YVtCVy78UjIIOnZC1nPvq1vF0WpaSY7ajHTDImGQdjGf8zWUNBxpzBbbzmOR0qL03ajAyttq3_XJ7AoIMRPSA5WO3BWJRxd-JU7uwWU9dSgjhFSsymCrl-Yh3z9ifEYahkIENnIP1aOmvLhjcMJE61Ik8oH_VLl3OmFs6VyU5aQSVMRHSzYjNJIgEq2bRVMKWURtA4_i7k57hOS_9BvdGLdIPQkpz0tqT0612g8vOeIxCVeSHYxUih4HRn7egqCk8i3cw0w0Y6um-tXeWrY1qqpRU25_TpKwNb92q3Owv3NOuESqKICLV0dQgyv6UpiK_Q9dqu29ckdNSEAR2f3KRaTvn4itdfKg8T31C8Wit8Ec4swJYs0qsf1ZP9VUruFeeRSddRUteCFeZARI13tM2TBwSUT2LwyTBgxcazotJlei_9HYpeLlJ-Iq-sVEXzsHqSlLv-CNC-7jEngTv1tj5Bzwbpr6EM8D79U7rsIAZ9EWiwG8dl8rSDS7zhPIDN-QBuVUGRRZ_WCo82hTmQi63zRdxPHqhxdrjTj62B_adnVjSZvfADv1IjTqyUYmtEraXgbgHpq-sN6gmhWM7o4gm1LQvOapWiIAct-NzTT91artH7PyMiAvSQEDOwEN5aZ5tfLrVwLTfQ5p36Yv3dau-7OQ1rPYPrsh1Axn_VgwVmscRhDLi0jA4j4W53YD-laHZAGN7uN-jchpr9DbG1HHl3OZaG3TRLz9QCz-n556TqwEU9SMduEzH5FN7ScGXHOCd5H45N-c1UOYVoj5jOpYdebDhZEQmq6BLtBgVFc1N9E3gUW4BlKfgPtZIB3XJdh-PvCftOCUULljpuaZ6WaAl3qySe5EQHZO8K4yxN4jLzMGBzNM026OpXOiZ5VMXB_5GBJu9MPxE52tXvMmMgd64Ce-Yq9XhnGnrhWgJA0wJAlWvec9lnojkLf_AwUk4vaH0uBFbQw3zK7D6uIOdVmKeYVQ04Hn2bXZI3WmTYK-Lhn6LQgqWfFVQnpkmaPQj1Ou_71fEJcZrQeWPihuUKdSaq7RcwovK9PJ0ukkatkochTriLPNwmRvdzge9pnNCs9tXISGqVCBqVhkDwMWA7SCm3goDiQSifhEjvBcuAj_Bc5l1_2UAF8Ct4YTfW6uGa1ghzvilDhgf7ZSjaUP4slv_ROArdI4EW3Nl6p642t_hG2Q8e4DGAzfmohjS4UgksdW9d-AyvVuu4Tf2QErjnDr7Mwu0ik2jN4xCuhNF4InyVptZYfMf8cfCwl5JPO_RIz-9Ty8_ZfNqQ5zZzIKb9xpfaM6i-hAvPoviV6yMXA6cprC4TH0ulv6D3KAnd7mvE9f3IEOktSTzx4ZvVhHUty7KCQTwXokZj_MFsg6yVUfs9HJXI0tbEwqq26UPP6LZbe2kPsVgR3xhgia6TyiMZQ9rtKk0KQpATACphCL1yOSPgf8DWAZCWHvAvXSVp3x1kiLgdjxv-mMfeXWqrA5uTmdPEBIHu_Ot7He94zytRl2pq0fD-S9A7Fun2AhjUIQU-ADo79k36e1TsrshSXF7pgvdTrsdUYqifZf6_-oj9A6nFExrvj6KIC9wSCztGWkHMfwm9o&cid=CAASPeRoscT_gfvF9wIQ8XP9CvsxECL2TUlwx2HGldc8MuhXpE7voeptX4KOXWNKXZ2u2W4nlVXzg6qo1CZvbeY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5BD7 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7NydyyZ8TY1WoZR2xOwTbH62paKlEOSBNW5gZC5GDnFvUr9eDIwoWbPT5TnwPlAiq8IzQp0rF3MSFerfrwi7O8LQ6dmlukbWgLwPREkfHjixgsUOzg_xIGdlfOOUty1v3c64e9DjyKneTRuZ57z9gI_yx3w&dbm_d=AKAmf-BG75Lozn3Otyi6RrLxIsBZwRGK0ZBhClOc0LzJqWD9-Y8rWFuS03G9eoCUSPk9WdLfK1DUIvto8Za5t_fPPQ3hqXQIIpbCS0smDUAKj0CuxMT3IpIiPftCnzm3lNqybF34Ha_uzBsIBAeyriC0wy533obNJPcmNcLX_WCKhyvwfJwi9IgVm8Y1_4bDWAQaMMR9Jgue6t3V1RjGsKRhdPZQPpOx11wCOk-ZdrUEwrn9lnu94iJiuyvRm8dXYWWT0vQSlUvf_n0QrcjSpU8VezlLomLehHy0L3KHAqAdofLBGi04D5I5DxFRhdeLXk2U-E96J45xMyMN1hB1rHaq4r0TekIHvAoKs9yfiQKIcyJ12RzoEeVwGWDGqmaBQz5cZKOeyXfYSfjUCOu_2DLZpTbRv4cMBMKk2b1pyRDeFcVgV-3_NYRpH0VAw2VsFJEsqi8FD-wyL5j2fkbMTiCoGH6J7pT_1fhQ65ICKgVcimPhrsy0aBYi23FAqCISO77YsekZPxolq0Z1OZmgyVEmRMIpGsS5ociZ7B1v1Jmv78fYydECg29GimWSCkEJS-hAGZOks0ZY5fPljs4V2ebTwRZpF-k5h9pRVGCPi74oEwfgoaKy6YrcglflzybcY5zdI_zl9uy3y0Aseyue4u7zueEN3p4gPdNEDGUWFt8Q5sxie70osgcTf_YZyYXx4Klrhgk7cap3EAPlf3a6CCEzqKD64G9jy9okmHcQsurtcK0FmW5QDZf-lhsoYH1x5pT2G-4Q1zvNubZFHU6GeOYEetWi_Wc0ShR_i_XeTfb3Y1o_T7SzziqoGQlm_A9T8sQp9njjzqiaRietJYu2sdVVLnp_FSDLZID9pb8O4hjYYaiEADR35u8mojDt1fJakMPtAD1GcmCf24sL4ey5RziFjI0vg3g1BfARqtNtRI5D4ExiNV55_ayl1DFMTf2OhTP4F3elY_p4vlEpoiCAKBUlEurrV3ONVqFqYJ2fbiXHwFHBNhmAfJbbjG8U1UiuItzggViqsgyGvOMddm6VSbVSP8qeaKT29NSEMovA-3JfW9ZN3VTGHjy_UCOB81UC4dOPZbE4ysjRIdTYpYWDtkUpZm0TW8_q_fd5ncQB187HJv76q61IKMBk5sZHxUGb3dvagQmgJh1OpoAAG-HFsttigD2ygeGZtztlKAz-Fcq5srWh_ClJDmICeMKx06mDWTq4lcP0x5ob2pG3HQxP2DfXEWFofhNPU5CCY_HykxJl-w3kAlvPFuyFiioZVajur-p49Da_v5_XWcdYZ0yb5Wc2awrAZT5vVwmX5A9bp2WwoJkPNsNzdV0VOchJes5zNIvctYmKajxOMzdG3ujALZrDAW6Vm4lSS2q7vtrIdZip92lyg0z8Svd8j23W3NHFLYwWRKPUugBP2qX7jm6Gr0AOh0QQqkJIdLSuf0pWDyJ7FHjnKjiHxYJqZTcRN6IeUmWfGqts5WwtCTyjGRB6rrq-UnYFEYa0RzZrWsqeXO0ce_c_ngOBkmYhSHOKaJnKnNTvgyLlsHj7wkpeAupQBg8qa9q4mC6KhfF4rLzeizL364JkAtbTDEXWmlWB6BcGF1ru1LlZSMRKZyriaCx3f0IurXC_FpGamoAKgJKKZLgFk6d_If_PUAd6buZN_tE7LqIK5dgP2qinBrs1o-tKTGyXzEFvhEvNnCo5k7QTzdhSdiIUSWpmmil6cvr4GCraTA0W_d-VsK-ujp8ArIsl7_zjx_GFnnKFYklw97SWirX-lZgO15vlG56h0ayJvbk_n9xpTz-kXBAX0VSQ2bUFjtvTTFSVanwwMMoIrtwuPCNeHgbEBoaLmDEGWQ_BMvytNE1edBx1ao56QTB_5iaiTYyyCcPI1Nz_jRQyZ12Pb8OeCl9FWrGq6HaHb5v06v7DDOCE-vfEMcH48-YJt0IIO19j6cCBetnu0Bp0xv018EOgJojcUTgfTxGXcqtsMWgkgwhTW1nv2g_tz7TqE6q8B4TuwPE6AXKLFoAPXHKegwKucyUCXUvLzBrY_4lX8r7L-XVBX48tfF8aNaVlKrUBNLQpyougovQZRh5NlDfYRMV__G08F2p54q7_oCqfRapHthfMkbGkhHB1lcOHSJ08h25Cd2epJ6AdSLHsXdELy7PJl53P9jTCuCOnUwn7Q24EaJkNKq11AETltpZZYdmLj6ZgrFyj75Zh5trbNhtK3prtu-Pbcpt3CHKqMuF59WT7WwYR_00NhlJryZKfbqSx6kjSESoQ0Sq8mg6ZLRA6J0Z-6q0HbDbXlPi5qInjtpTuOzaf3zOimNujRat8qaCXJly0ngXLd402Z6SekXzFCdYcodruOc0o9J7z8xWvF2fXze1iU5RwKgD5FcgDY7CFV23rTzlUBTDBmclyYm6kKzYPLrKRJB-nVIgCpm9VsAIqPfBMpYa7c2nnz5vw4CtEF1fbFEp8Be1s2qbyhapSHqTwT5BwCRgaMb9wTzoExXlIjNXgD9g32ICNqZjrDf6uEPhg-P-b6NcQd5LlQ2GFOOLKQGbj6ALHPPbL0T_PeKtYqdOZmh1V4o7qNs5syJTetxc2FU4-fxs_VShHhgfSkMUuMFHkBaEzfmXWhuLjTHlhmmuW30w070aj4kViVFYYwDWuUHQ8ZaUFUz9-QHBKUGt0nPMW8P-oZjfc5YG9XLuP-Btx2KpE5bD2XYtZ42A5P1O5fUE0ZkiOqhcM7r5cWcdZONRBeH-um93Nd7oSuDHPTQr8p22q415hljjXesDKLzB_wpaw5Isye7CcXUzdHD2c7l-WtrHuO2RqWpKHhOWyiM7elSF1kKjG1z6bmgYmZe2S8ClpDsgVlWCMwp9P6rbEdOIjTBZ0Af9LGJObflJxdmF0r5O8YaiZriGQxBkRR1rhY7nWjmj1yDsw5a_aszl7pJ42i3NJGB589snS99Zsj-89GrRet-5uI6YSi_4VvU-B2dxDszZ5ql8MxXlGFP1gYfgOFJ2RdR9Hw4Lf3RAThiXwQzBu0ZTq3ttpkTmAoQUimWIaPk0YNHTo0S7FS0VySb6-EbpD57LF5ZIyFo6Gk8k6kpUqzuV1HTIwhPrPL3e8BDSzLjUp5ZHfc7sq4n4Z-GAkWLJQA8If855bw_HOJDi8DRp9M8y8b6pEtC4jXmBOpUuNeUgcDnP0QRhxFr7IcI4ohM3TCFM&cid=CAASPeRo3g8jddz4zEhOwyNZAL1LxL1s2fzzBLArwmpa13eV-VCPqXO6YwfBObxyrAezzpkF3DU3rwcHti9GjC8&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:45 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 5BD7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7NydyyZ8TY1WoZR2xOwTbH62paKlEOSBNW5gZC5GDnFvUr9eDIwoWbPT5TnwPlAiq8IzQp0rF3MSFerfrwi7O8LQ6dmlukbWgLwPREkfHjixgsUOzg_xIGdlfOOUty1v3c64e9DjyKneTRuZ57z9gI_yx3w&dbm_d=AKAmf-BG75Lozn3Otyi6RrLxIsBZwRGK0ZBhClOc0LzJqWD9-Y8rWFuS03G9eoCUSPk9WdLfK1DUIvto8Za5t_fPPQ3hqXQIIpbCS0smDUAKj0CuxMT3IpIiPftCnzm3lNqybF34Ha_uzBsIBAeyriC0wy533obNJPcmNcLX_WCKhyvwfJwi9IgVm8Y1_4bDWAQaMMR9Jgue6t3V1RjGsKRhdPZQPpOx11wCOk-ZdrUEwrn9lnu94iJiuyvRm8dXYWWT0vQSlUvf_n0QrcjSpU8VezlLomLehHy0L3KHAqAdofLBGi04D5I5DxFRhdeLXk2U-E96J45xMyMN1hB1rHaq4r0TekIHvAoKs9yfiQKIcyJ12RzoEeVwGWDGqmaBQz5cZKOeyXfYSfjUCOu_2DLZpTbRv4cMBMKk2b1pyRDeFcVgV-3_NYRpH0VAw2VsFJEsqi8FD-wyL5j2fkbMTiCoGH6J7pT_1fhQ65ICKgVcimPhrsy0aBYi23FAqCISO77YsekZPxolq0Z1OZmgyVEmRMIpGsS5ociZ7B1v1Jmv78fYydECg29GimWSCkEJS-hAGZOks0ZY5fPljs4V2ebTwRZpF-k5h9pRVGCPi74oEwfgoaKy6YrcglflzybcY5zdI_zl9uy3y0Aseyue4u7zueEN3p4gPdNEDGUWFt8Q5sxie70osgcTf_YZyYXx4Klrhgk7cap3EAPlf3a6CCEzqKD64G9jy9okmHcQsurtcK0FmW5QDZf-lhsoYH1x5pT2G-4Q1zvNubZFHU6GeOYEetWi_Wc0ShR_i_XeTfb3Y1o_T7SzziqoGQlm_A9T8sQp9njjzqiaRietJYu2sdVVLnp_FSDLZID9pb8O4hjYYaiEADR35u8mojDt1fJakMPtAD1GcmCf24sL4ey5RziFjI0vg3g1BfARqtNtRI5D4ExiNV55_ayl1DFMTf2OhTP4F3elY_p4vlEpoiCAKBUlEurrV3ONVqFqYJ2fbiXHwFHBNhmAfJbbjG8U1UiuItzggViqsgyGvOMddm6VSbVSP8qeaKT29NSEMovA-3JfW9ZN3VTGHjy_UCOB81UC4dOPZbE4ysjRIdTYpYWDtkUpZm0TW8_q_fd5ncQB187HJv76q61IKMBk5sZHxUGb3dvagQmgJh1OpoAAG-HFsttigD2ygeGZtztlKAz-Fcq5srWh_ClJDmICeMKx06mDWTq4lcP0x5ob2pG3HQxP2DfXEWFofhNPU5CCY_HykxJl-w3kAlvPFuyFiioZVajur-p49Da_v5_XWcdYZ0yb5Wc2awrAZT5vVwmX5A9bp2WwoJkPNsNzdV0VOchJes5zNIvctYmKajxOMzdG3ujALZrDAW6Vm4lSS2q7vtrIdZip92lyg0z8Svd8j23W3NHFLYwWRKPUugBP2qX7jm6Gr0AOh0QQqkJIdLSuf0pWDyJ7FHjnKjiHxYJqZTcRN6IeUmWfGqts5WwtCTyjGRB6rrq-UnYFEYa0RzZrWsqeXO0ce_c_ngOBkmYhSHOKaJnKnNTvgyLlsHj7wkpeAupQBg8qa9q4mC6KhfF4rLzeizL364JkAtbTDEXWmlWB6BcGF1ru1LlZSMRKZyriaCx3f0IurXC_FpGamoAKgJKKZLgFk6d_If_PUAd6buZN_tE7LqIK5dgP2qinBrs1o-tKTGyXzEFvhEvNnCo5k7QTzdhSdiIUSWpmmil6cvr4GCraTA0W_d-VsK-ujp8ArIsl7_zjx_GFnnKFYklw97SWirX-lZgO15vlG56h0ayJvbk_n9xpTz-kXBAX0VSQ2bUFjtvTTFSVanwwMMoIrtwuPCNeHgbEBoaLmDEGWQ_BMvytNE1edBx1ao56QTB_5iaiTYyyCcPI1Nz_jRQyZ12Pb8OeCl9FWrGq6HaHb5v06v7DDOCE-vfEMcH48-YJt0IIO19j6cCBetnu0Bp0xv018EOgJojcUTgfTxGXcqtsMWgkgwhTW1nv2g_tz7TqE6q8B4TuwPE6AXKLFoAPXHKegwKucyUCXUvLzBrY_4lX8r7L-XVBX48tfF8aNaVlKrUBNLQpyougovQZRh5NlDfYRMV__G08F2p54q7_oCqfRapHthfMkbGkhHB1lcOHSJ08h25Cd2epJ6AdSLHsXdELy7PJl53P9jTCuCOnUwn7Q24EaJkNKq11AETltpZZYdmLj6ZgrFyj75Zh5trbNhtK3prtu-Pbcpt3CHKqMuF59WT7WwYR_00NhlJryZKfbqSx6kjSESoQ0Sq8mg6ZLRA6J0Z-6q0HbDbXlPi5qInjtpTuOzaf3zOimNujRat8qaCXJly0ngXLd402Z6SekXzFCdYcodruOc0o9J7z8xWvF2fXze1iU5RwKgD5FcgDY7CFV23rTzlUBTDBmclyYm6kKzYPLrKRJB-nVIgCpm9VsAIqPfBMpYa7c2nnz5vw4CtEF1fbFEp8Be1s2qbyhapSHqTwT5BwCRgaMb9wTzoExXlIjNXgD9g32ICNqZjrDf6uEPhg-P-b6NcQd5LlQ2GFOOLKQGbj6ALHPPbL0T_PeKtYqdOZmh1V4o7qNs5syJTetxc2FU4-fxs_VShHhgfSkMUuMFHkBaEzfmXWhuLjTHlhmmuW30w070aj4kViVFYYwDWuUHQ8ZaUFUz9-QHBKUGt0nPMW8P-oZjfc5YG9XLuP-Btx2KpE5bD2XYtZ42A5P1O5fUE0ZkiOqhcM7r5cWcdZONRBeH-um93Nd7oSuDHPTQr8p22q415hljjXesDKLzB_wpaw5Isye7CcXUzdHD2c7l-WtrHuO2RqWpKHhOWyiM7elSF1kKjG1z6bmgYmZe2S8ClpDsgVlWCMwp9P6rbEdOIjTBZ0Af9LGJObflJxdmF0r5O8YaiZriGQxBkRR1rhY7nWjmj1yDsw5a_aszl7pJ42i3NJGB589snS99Zsj-89GrRet-5uI6YSi_4VvU-B2dxDszZ5ql8MxXlGFP1gYfgOFJ2RdR9Hw4Lf3RAThiXwQzBu0ZTq3ttpkTmAoQUimWIaPk0YNHTo0S7FS0VySb6-EbpD57LF5ZIyFo6Gk8k6kpUqzuV1HTIwhPrPL3e8BDSzLjUp5ZHfc7sq4n4Z-GAkWLJQA8If855bw_HOJDi8DRp9M8y8b6pEtC4jXmBOpUuNeUgcDnP0QRhxFr7IcI4ohM3TCFM&cid=CAASPeRo3g8jddz4zEhOwyNZAL1LxL1s2fzzBLArwmpa13eV-VCPqXO6YwfBObxyrAezzpkF3DU3rwcHti9GjC8&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5BD7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7NydyyZ8TY1WoZR2xOwTbH62paKlEOSBNW5gZC5GDnFvUr9eDIwoWbPT5TnwPlAiq8IzQp0rF3MSFerfrwi7O8LQ6dmlukbWgLwPREkfHjixgsUOzg_xIGdlfOOUty1v3c64e9DjyKneTRuZ57z9gI_yx3w&dbm_d=AKAmf-BG75Lozn3Otyi6RrLxIsBZwRGK0ZBhClOc0LzJqWD9-Y8rWFuS03G9eoCUSPk9WdLfK1DUIvto8Za5t_fPPQ3hqXQIIpbCS0smDUAKj0CuxMT3IpIiPftCnzm3lNqybF34Ha_uzBsIBAeyriC0wy533obNJPcmNcLX_WCKhyvwfJwi9IgVm8Y1_4bDWAQaMMR9Jgue6t3V1RjGsKRhdPZQPpOx11wCOk-ZdrUEwrn9lnu94iJiuyvRm8dXYWWT0vQSlUvf_n0QrcjSpU8VezlLomLehHy0L3KHAqAdofLBGi04D5I5DxFRhdeLXk2U-E96J45xMyMN1hB1rHaq4r0TekIHvAoKs9yfiQKIcyJ12RzoEeVwGWDGqmaBQz5cZKOeyXfYSfjUCOu_2DLZpTbRv4cMBMKk2b1pyRDeFcVgV-3_NYRpH0VAw2VsFJEsqi8FD-wyL5j2fkbMTiCoGH6J7pT_1fhQ65ICKgVcimPhrsy0aBYi23FAqCISO77YsekZPxolq0Z1OZmgyVEmRMIpGsS5ociZ7B1v1Jmv78fYydECg29GimWSCkEJS-hAGZOks0ZY5fPljs4V2ebTwRZpF-k5h9pRVGCPi74oEwfgoaKy6YrcglflzybcY5zdI_zl9uy3y0Aseyue4u7zueEN3p4gPdNEDGUWFt8Q5sxie70osgcTf_YZyYXx4Klrhgk7cap3EAPlf3a6CCEzqKD64G9jy9okmHcQsurtcK0FmW5QDZf-lhsoYH1x5pT2G-4Q1zvNubZFHU6GeOYEetWi_Wc0ShR_i_XeTfb3Y1o_T7SzziqoGQlm_A9T8sQp9njjzqiaRietJYu2sdVVLnp_FSDLZID9pb8O4hjYYaiEADR35u8mojDt1fJakMPtAD1GcmCf24sL4ey5RziFjI0vg3g1BfARqtNtRI5D4ExiNV55_ayl1DFMTf2OhTP4F3elY_p4vlEpoiCAKBUlEurrV3ONVqFqYJ2fbiXHwFHBNhmAfJbbjG8U1UiuItzggViqsgyGvOMddm6VSbVSP8qeaKT29NSEMovA-3JfW9ZN3VTGHjy_UCOB81UC4dOPZbE4ysjRIdTYpYWDtkUpZm0TW8_q_fd5ncQB187HJv76q61IKMBk5sZHxUGb3dvagQmgJh1OpoAAG-HFsttigD2ygeGZtztlKAz-Fcq5srWh_ClJDmICeMKx06mDWTq4lcP0x5ob2pG3HQxP2DfXEWFofhNPU5CCY_HykxJl-w3kAlvPFuyFiioZVajur-p49Da_v5_XWcdYZ0yb5Wc2awrAZT5vVwmX5A9bp2WwoJkPNsNzdV0VOchJes5zNIvctYmKajxOMzdG3ujALZrDAW6Vm4lSS2q7vtrIdZip92lyg0z8Svd8j23W3NHFLYwWRKPUugBP2qX7jm6Gr0AOh0QQqkJIdLSuf0pWDyJ7FHjnKjiHxYJqZTcRN6IeUmWfGqts5WwtCTyjGRB6rrq-UnYFEYa0RzZrWsqeXO0ce_c_ngOBkmYhSHOKaJnKnNTvgyLlsHj7wkpeAupQBg8qa9q4mC6KhfF4rLzeizL364JkAtbTDEXWmlWB6BcGF1ru1LlZSMRKZyriaCx3f0IurXC_FpGamoAKgJKKZLgFk6d_If_PUAd6buZN_tE7LqIK5dgP2qinBrs1o-tKTGyXzEFvhEvNnCo5k7QTzdhSdiIUSWpmmil6cvr4GCraTA0W_d-VsK-ujp8ArIsl7_zjx_GFnnKFYklw97SWirX-lZgO15vlG56h0ayJvbk_n9xpTz-kXBAX0VSQ2bUFjtvTTFSVanwwMMoIrtwuPCNeHgbEBoaLmDEGWQ_BMvytNE1edBx1ao56QTB_5iaiTYyyCcPI1Nz_jRQyZ12Pb8OeCl9FWrGq6HaHb5v06v7DDOCE-vfEMcH48-YJt0IIO19j6cCBetnu0Bp0xv018EOgJojcUTgfTxGXcqtsMWgkgwhTW1nv2g_tz7TqE6q8B4TuwPE6AXKLFoAPXHKegwKucyUCXUvLzBrY_4lX8r7L-XVBX48tfF8aNaVlKrUBNLQpyougovQZRh5NlDfYRMV__G08F2p54q7_oCqfRapHthfMkbGkhHB1lcOHSJ08h25Cd2epJ6AdSLHsXdELy7PJl53P9jTCuCOnUwn7Q24EaJkNKq11AETltpZZYdmLj6ZgrFyj75Zh5trbNhtK3prtu-Pbcpt3CHKqMuF59WT7WwYR_00NhlJryZKfbqSx6kjSESoQ0Sq8mg6ZLRA6J0Z-6q0HbDbXlPi5qInjtpTuOzaf3zOimNujRat8qaCXJly0ngXLd402Z6SekXzFCdYcodruOc0o9J7z8xWvF2fXze1iU5RwKgD5FcgDY7CFV23rTzlUBTDBmclyYm6kKzYPLrKRJB-nVIgCpm9VsAIqPfBMpYa7c2nnz5vw4CtEF1fbFEp8Be1s2qbyhapSHqTwT5BwCRgaMb9wTzoExXlIjNXgD9g32ICNqZjrDf6uEPhg-P-b6NcQd5LlQ2GFOOLKQGbj6ALHPPbL0T_PeKtYqdOZmh1V4o7qNs5syJTetxc2FU4-fxs_VShHhgfSkMUuMFHkBaEzfmXWhuLjTHlhmmuW30w070aj4kViVFYYwDWuUHQ8ZaUFUz9-QHBKUGt0nPMW8P-oZjfc5YG9XLuP-Btx2KpE5bD2XYtZ42A5P1O5fUE0ZkiOqhcM7r5cWcdZONRBeH-um93Nd7oSuDHPTQr8p22q415hljjXesDKLzB_wpaw5Isye7CcXUzdHD2c7l-WtrHuO2RqWpKHhOWyiM7elSF1kKjG1z6bmgYmZe2S8ClpDsgVlWCMwp9P6rbEdOIjTBZ0Af9LGJObflJxdmF0r5O8YaiZriGQxBkRR1rhY7nWjmj1yDsw5a_aszl7pJ42i3NJGB589snS99Zsj-89GrRet-5uI6YSi_4VvU-B2dxDszZ5ql8MxXlGFP1gYfgOFJ2RdR9Hw4Lf3RAThiXwQzBu0ZTq3ttpkTmAoQUimWIaPk0YNHTo0S7FS0VySb6-EbpD57LF5ZIyFo6Gk8k6kpUqzuV1HTIwhPrPL3e8BDSzLjUp5ZHfc7sq4n4Z-GAkWLJQA8If855bw_HOJDi8DRp9M8y8b6pEtC4jXmBOpUuNeUgcDnP0QRhxFr7IcI4ohM3TCFM&cid=CAASPeRo3g8jddz4zEhOwyNZAL1LxL1s2fzzBLArwmpa13eV-VCPqXO6YwfBObxyrAezzpkF3DU3rwcHti9GjC8&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 20:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 20:56:12 GMT
/
d.agkn.com/pixel/2387/ Frame 5BD7 		43 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=DE&st=&city=0&dma=0&zp=&bw=0&che=4200959769&col=24601636,4128031,296411594,489750420,146474889
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.108.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-108-245.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:34 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 999D 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1889
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 May 2021 12:48:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 999D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARuTDcq99M-gvcv4gpD_V5HogTJjAVxbWEANjdP9AHAqA_G_PrXxxU-CC1qHZU3Bz4Iv4wTOtY-Zq14KGOWooS6vSM-Axigc83pU4N0fy1B2WbZtog6HvNSRPAnfZqfOkKd1YLwp8O-3Xw8CKFH5wAPVVh3Q&dbm_d=AKAmf-Dd7rdmOy5kOEUpP0y82i_Apcd34iOEN_ymTYR9O6r2MNqMAIM9W8yUeTCiG8yeyKdEBq8oMIk1rZ2r6jNAzBDIigN5D0St1kNEd2-Hs_kRcOvSudrkII_RAD1SI6Tf-kaJ7FY3s1MSRlXPU2wTVBo_kEhFo0mvpc6NAmUcvMmeAZ_mVodegUIyN3zEttRDA6KJdbnZCmNSClD-88NcR2E9zL0Peon-yfYYXAXN2-hOIjJRn6eHQGM9GmWkxnDCqHKSGgRWviAHW6SH-VNwANFddVMQZPFa0R6ZX4KU4YdGFSKyHdbMMZm6yqjnNHKD6AnQXOg3H-Xw25fv4kuK9WSIBuxVrnN_bRZMRtY-7xExWuwoyDJj4aj5VMljkqt3ASlfHA33hT12uavXoVEkiOPiBjd74v-Y3LdUhD3FayPJ4d36e0rJ3RuhvR-VD6vSB7sf7nE3txiBh0SBnTfccvvvijJPTxaclu_wBfizcN-lXY3HzfKuUBsrSS07s4MfV-s7bHUrMg4hiH32wTTBQYcPFMetebzlY1h5TulHyA7-n61_Ee4_uTisECpQTXu6oH9LNa9lpZN48TU4O3_U9g6Z9YExGkLLOly2gZXGiuaEKVoLLwaJsIyOmuT1ZgG7IrmlhSnCIqakPUda2qW7AbrVemWs3ouIe4PaCQtgiL7fFbRXroaKEwzGEfVehZKc6TPo35NpJ4AW-ccRJptEvsjzI1Vv1bicB4T1NYTDpLSCynVo_NbhJ0EMr_McmvojNje8PxeRO4VISZQw8aMKzRSYAJfhdt245a4QxjatYbt4uGJqAae_cIg9jYGykD257bTS5SMJiel6fviPKqCq1drmuzMc3KD2uKkp5EzMoHOoi8U88fsLDkcXaN7c7_8blGWl7k-Z2GFeu7j_3bqxWWfOKomZBUWpPLBOZ_0SPA2e2QmapYqhOQW_kro8jUvxEhGzFBcvXNDzJANvBPnpK-OKV7X4JNPOhmeVRBzyYu_FKk_2xXOhrIa5ye5Me70HZaaK-u-v5xiTWAGnFpLUA706maL2OX9_CMAC7d9j_OHSIJ6YgfA0TdDAfWw-PFDvCeymXKArcAV1zk5JhFcK9H4gMPsg1pEGqByIYmX_mZTLVBIKn2ao40DwEE-TwK3kS0NCQ96Ck8JVN-mYVhxrrKg6BLFYZTBbhRY0lW9U0D3aMgLSpc87z82Yg04-BXSABaxVawTQHJ21CvROL-DICqL-xOpW927IAeZ8bxBcSe6sU9PzVxufWjNVQ27h0En9ImKmM4VcuYhUnA79b4Fkc2nfs1CjYDKpvkFZcfGNPcUd9Jsj3_cVNCE94OtcrF9JQKn8_lxuPLU241B9GFL8zMk0SDLHyCnd9jg_50zbb7nERJNxB4q1ElMMjSSmbnlvbM9CEAyAoRMBNqpPHLpX0mCsI2Wq7qkl_XLcn1tTspH9Y6696fTHq0eIYcL5cPCGasUFGKA2E7JmybIGU2AY8ehCToDZjYcSL9Fk39xqn5VZNjqLtyXOCVg9CD-vBpPv7i4TjdA2o08PkekS6kt_yLnYpngsUUVdzfNpw6MaImOhpaClNgqODrW_NKreRXx17OgWyNae0r8Z4gxtC0pf5nDLu_YlQ9ysfv1XD8C1Tg5WJ2Du88dsuAxniMHvAuUFa7MBkqkF2fCsf8JkUReFhBrosRlEV9qTHdBNZvaws804tx6AZFAyg7Ug1VZ3Lpj-9qendWHJIv6Fs2GQkeuiQ_qylkfw3hGjE7DIBbxp4sFapMxvk8Z7eyztc-QmJFuZ7frG5j8IhkLhX9N1LkNpUXPMHnLorFLTt8Z93YEKxH3tP62vli3jqrhbl5CLy4PhfoyMXJDzknwyWu2WC1OtXwHW87Xne-px7EM4pRgfETLynnlJ1nXPehB7P2N6CBQu-ap0cTNFuLlMlpYG91hD2LOrgFUA_DN9vTGqlW_rqnwRz3TFXo9ix9yEtcLM1Cb_dlR5MPyPVMMkaC3kgDPalvTIATH2zPaHx4I7D1x9o6x2gUhpFVOJwzpsZt86KpdKLjrxFX5GpW6uzF7nZ1dkiWdsY7qLkjPeMbD0rIlsqNbViWuXtJ23bTLm8rO5z5Hrrpud6MEtame0wled6W6AarteErKbqYmkrRAETLnb-eoGBtDxnCa8tyQEWiP_LJGw1SgKYEqhSrHmVeZ64UgaBoa3u49KApLfrXgPPL9ACwG96n8tc0c49jC_cBdRVW0ZV7gwAzqQ0gt9p0uKUux9KAeCj1Y3gXrBNWpLRAWzy_Zr0zQyEFO_czKw2Ncyb8-7QneRXAy2xTn6wK6KwlAWnUIxW3Mo3aeqIn94nPsnQmhNq4pAWwUtwTStiEVBT6qxOpH7pVTwT8YZEkj3aZ-FLHt_rBqlM7j4NAINXHRFXX6glwknQxheffvcLvk9tEXhzDhFwf-WYo3TjyMxJvIQY85-ly3_PUhs1liL-JjIpBvIR1B51PqyJBNOGZpv_Pmp57kpht8FHE4DBdL8WeoOgcCCb-S087n-5gYe-mF0S1XbfboPGS_9YF3yFt5PTI9BT3u-V-A75VnDVhdrY79qzf-7hxAFSW9kO72yqu1xyM9eNScB6AzqDxxTzWc9CVJG0Oo4JZPCdy8UQ5vbApEu8SmzzlNnmE_iBxeRIvA61ZU7T9ACfhRhM9AYEBCFWED7YaSrUcNu2GO59MGwzSCTMRKgi9rDFmMnjYP66gWpi3ZaWAQVKnNUX0G_X-0-HF5FaqWtYuaY0sY4wthwqdan0nliNadiVlCWdfVWzXacKAE0w2eUEISQgY3R7Q0DSM7S8WXPdxm6LmAsEPE_xqWKcMe12PN9HahE6u9KSe1AColbb1w3AUlgBrWHXDgubeYaL6WfsBBKSBGEJyRdybtKI6UIJKh-dqyuvCQ8IE78CEkSNqtHxPiovSMAsYBRH6lUv0GEPWy7NONGxAsuRsAb3Ej8nHbKU8dtGjT2f9-oLXsfWmc0EyMmiky902EYHNwfz7yeDXn3mHLWHhEfu3KhF-9qdzK5ZRNRs3H-kHTs4N__KxH6ADVBoCONNIa3lQCsluU9XRit1VKFeSCWluh1eJT_gAWPAZx06jVZL2CyTVqJT1uswVg-mipzza6-v8XCwj8pSCzyj98TVWUW1vbvAoSCXQAmEFzzCkNGZsRHE4NUxUQGt3s&cid=CAASPeRofvHPILsunp664YvLTxMJpfox0iCsYBG5BGZ36kChplm_xwL4dKXhPt7DvdCBqKDbiZiSA5El-PbJ8lY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 999D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ARuTDcq99M-gvcv4gpD_V5HogTJjAVxbWEANjdP9AHAqA_G_PrXxxU-CC1qHZU3Bz4Iv4wTOtY-Zq14KGOWooS6vSM-Axigc83pU4N0fy1B2WbZtog6HvNSRPAnfZqfOkKd1YLwp8O-3Xw8CKFH5wAPVVh3Q&dbm_d=AKAmf-Dd7rdmOy5kOEUpP0y82i_Apcd34iOEN_ymTYR9O6r2MNqMAIM9W8yUeTCiG8yeyKdEBq8oMIk1rZ2r6jNAzBDIigN5D0St1kNEd2-Hs_kRcOvSudrkII_RAD1SI6Tf-kaJ7FY3s1MSRlXPU2wTVBo_kEhFo0mvpc6NAmUcvMmeAZ_mVodegUIyN3zEttRDA6KJdbnZCmNSClD-88NcR2E9zL0Peon-yfYYXAXN2-hOIjJRn6eHQGM9GmWkxnDCqHKSGgRWviAHW6SH-VNwANFddVMQZPFa0R6ZX4KU4YdGFSKyHdbMMZm6yqjnNHKD6AnQXOg3H-Xw25fv4kuK9WSIBuxVrnN_bRZMRtY-7xExWuwoyDJj4aj5VMljkqt3ASlfHA33hT12uavXoVEkiOPiBjd74v-Y3LdUhD3FayPJ4d36e0rJ3RuhvR-VD6vSB7sf7nE3txiBh0SBnTfccvvvijJPTxaclu_wBfizcN-lXY3HzfKuUBsrSS07s4MfV-s7bHUrMg4hiH32wTTBQYcPFMetebzlY1h5TulHyA7-n61_Ee4_uTisECpQTXu6oH9LNa9lpZN48TU4O3_U9g6Z9YExGkLLOly2gZXGiuaEKVoLLwaJsIyOmuT1ZgG7IrmlhSnCIqakPUda2qW7AbrVemWs3ouIe4PaCQtgiL7fFbRXroaKEwzGEfVehZKc6TPo35NpJ4AW-ccRJptEvsjzI1Vv1bicB4T1NYTDpLSCynVo_NbhJ0EMr_McmvojNje8PxeRO4VISZQw8aMKzRSYAJfhdt245a4QxjatYbt4uGJqAae_cIg9jYGykD257bTS5SMJiel6fviPKqCq1drmuzMc3KD2uKkp5EzMoHOoi8U88fsLDkcXaN7c7_8blGWl7k-Z2GFeu7j_3bqxWWfOKomZBUWpPLBOZ_0SPA2e2QmapYqhOQW_kro8jUvxEhGzFBcvXNDzJANvBPnpK-OKV7X4JNPOhmeVRBzyYu_FKk_2xXOhrIa5ye5Me70HZaaK-u-v5xiTWAGnFpLUA706maL2OX9_CMAC7d9j_OHSIJ6YgfA0TdDAfWw-PFDvCeymXKArcAV1zk5JhFcK9H4gMPsg1pEGqByIYmX_mZTLVBIKn2ao40DwEE-TwK3kS0NCQ96Ck8JVN-mYVhxrrKg6BLFYZTBbhRY0lW9U0D3aMgLSpc87z82Yg04-BXSABaxVawTQHJ21CvROL-DICqL-xOpW927IAeZ8bxBcSe6sU9PzVxufWjNVQ27h0En9ImKmM4VcuYhUnA79b4Fkc2nfs1CjYDKpvkFZcfGNPcUd9Jsj3_cVNCE94OtcrF9JQKn8_lxuPLU241B9GFL8zMk0SDLHyCnd9jg_50zbb7nERJNxB4q1ElMMjSSmbnlvbM9CEAyAoRMBNqpPHLpX0mCsI2Wq7qkl_XLcn1tTspH9Y6696fTHq0eIYcL5cPCGasUFGKA2E7JmybIGU2AY8ehCToDZjYcSL9Fk39xqn5VZNjqLtyXOCVg9CD-vBpPv7i4TjdA2o08PkekS6kt_yLnYpngsUUVdzfNpw6MaImOhpaClNgqODrW_NKreRXx17OgWyNae0r8Z4gxtC0pf5nDLu_YlQ9ysfv1XD8C1Tg5WJ2Du88dsuAxniMHvAuUFa7MBkqkF2fCsf8JkUReFhBrosRlEV9qTHdBNZvaws804tx6AZFAyg7Ug1VZ3Lpj-9qendWHJIv6Fs2GQkeuiQ_qylkfw3hGjE7DIBbxp4sFapMxvk8Z7eyztc-QmJFuZ7frG5j8IhkLhX9N1LkNpUXPMHnLorFLTt8Z93YEKxH3tP62vli3jqrhbl5CLy4PhfoyMXJDzknwyWu2WC1OtXwHW87Xne-px7EM4pRgfETLynnlJ1nXPehB7P2N6CBQu-ap0cTNFuLlMlpYG91hD2LOrgFUA_DN9vTGqlW_rqnwRz3TFXo9ix9yEtcLM1Cb_dlR5MPyPVMMkaC3kgDPalvTIATH2zPaHx4I7D1x9o6x2gUhpFVOJwzpsZt86KpdKLjrxFX5GpW6uzF7nZ1dkiWdsY7qLkjPeMbD0rIlsqNbViWuXtJ23bTLm8rO5z5Hrrpud6MEtame0wled6W6AarteErKbqYmkrRAETLnb-eoGBtDxnCa8tyQEWiP_LJGw1SgKYEqhSrHmVeZ64UgaBoa3u49KApLfrXgPPL9ACwG96n8tc0c49jC_cBdRVW0ZV7gwAzqQ0gt9p0uKUux9KAeCj1Y3gXrBNWpLRAWzy_Zr0zQyEFO_czKw2Ncyb8-7QneRXAy2xTn6wK6KwlAWnUIxW3Mo3aeqIn94nPsnQmhNq4pAWwUtwTStiEVBT6qxOpH7pVTwT8YZEkj3aZ-FLHt_rBqlM7j4NAINXHRFXX6glwknQxheffvcLvk9tEXhzDhFwf-WYo3TjyMxJvIQY85-ly3_PUhs1liL-JjIpBvIR1B51PqyJBNOGZpv_Pmp57kpht8FHE4DBdL8WeoOgcCCb-S087n-5gYe-mF0S1XbfboPGS_9YF3yFt5PTI9BT3u-V-A75VnDVhdrY79qzf-7hxAFSW9kO72yqu1xyM9eNScB6AzqDxxTzWc9CVJG0Oo4JZPCdy8UQ5vbApEu8SmzzlNnmE_iBxeRIvA61ZU7T9ACfhRhM9AYEBCFWED7YaSrUcNu2GO59MGwzSCTMRKgi9rDFmMnjYP66gWpi3ZaWAQVKnNUX0G_X-0-HF5FaqWtYuaY0sY4wthwqdan0nliNadiVlCWdfVWzXacKAE0w2eUEISQgY3R7Q0DSM7S8WXPdxm6LmAsEPE_xqWKcMe12PN9HahE6u9KSe1AColbb1w3AUlgBrWHXDgubeYaL6WfsBBKSBGEJyRdybtKI6UIJKh-dqyuvCQ8IE78CEkSNqtHxPiovSMAsYBRH6lUv0GEPWy7NONGxAsuRsAb3Ej8nHbKU8dtGjT2f9-oLXsfWmc0EyMmiky902EYHNwfz7yeDXn3mHLWHhEfu3KhF-9qdzK5ZRNRs3H-kHTs4N__KxH6ADVBoCONNIa3lQCsluU9XRit1VKFeSCWluh1eJT_gAWPAZx06jVZL2CyTVqJT1uswVg-mipzza6-v8XCwj8pSCzyj98TVWUW1vbvAoSCXQAmEFzzCkNGZsRHE4NUxUQGt3s&cid=CAASPeRofvHPILsunp664YvLTxMJpfox0iCsYBG5BGZ36kChplm_xwL4dKXhPt7DvdCBqKDbiZiSA5El-PbJ8lY&rfl=1%2Chttps%253A%252F%252Fwww.correiodopovo.com.br%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:45 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0E66 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0E66 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0E66 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CBE8 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12812a795939d328c1cf8492d9b66d979104c00611814a4b9a4705cb3585e981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 13:19:35 GMT
server
cafe
content-length
7901
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0E66 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame A356 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A356 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A356 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4CD9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ad4c7fe5a45289dff3e68f3916244cfa66e216658dc6b572392be72da58c62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 13:19:35 GMT
server
cafe
content-length
6627
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame A356 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
rum
dsum-sec.casalemedia.com/ Frame DF07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxVPGFwt4AOhOf7y-wJZRs&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxVPGFwt4AOhOf7y-wJZRs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 May 2021 13:19:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxVPGFwt4AOhOf7y-wJZRs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DF07
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKZh5gPPw5NBQVHCYkwjnAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMpyWnGtNMUO-XDbbbPhHU&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMpyWnGtNMUO-XDbbbPhHU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 May 2021 13:19:35 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGMpyWnGtNMUO-XDbbbPhHU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame DF07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI7q4fsNnlHxAP6C8TKVWeU&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI7q4fsNnlHxAP6C8TKVWeU%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI7q4fsNnlHxAP6C8TKVWeU%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:35 GMT
X-Proxy-Origin
37.120.131.196; 37.120.131.196; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
7253468e-b326-4726-80b9-bc82a1b56414
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:35 GMT
X-Proxy-Origin
37.120.131.196; 37.120.131.196; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid
077486d8-67d9-469a-a8ae-82f239b00e5b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEI7q4fsNnlHxAP6C8TKVWeU%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF07
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNXFk-BsKnIefE2dmae40JBtvmLthCVWFDN0oCTp5FU_lVR4o7Y-jDEdpRdVdLMtvYTckHop526OIjaHzOeLVx81IXv7uGIjBvkBvkScV3ILG9If2FeZAnihdSGPAZFkXXxzYcu61v3Y6TVgkYuEuMOhIbbcjDQgw_qgk2eQS7YEYFZwEBfbRx03sWoMTh9ZT0V7COtnK6tFjj022CJmHfk8yshcpBrJ84wEfA23j2g0bg0w6wY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MTg3MzQzMzU3NzQ3NDE3NA%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BE84
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKH1vuOXU8guNzCOOpD6Tts&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKH1vuOXU8guNzCOOpD6Tts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKH1vuOXU8guNzCOOpD6Tts&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE84
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTI4NzljYzEtZmEyZC0yZTMxLWUzNzUtZDkzYzhjMmE4M2Mz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTI4NzljYzEtZmEyZC0yZTMxLWUzNzUtZDkzYzhjMmE4M2Mz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTI4NzljYzEtZmEyZC0yZTMxLWUzNzUtZDkzYzhjMmE4M2Mz
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame BE84
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGwHMwUV1s7mSjQq8L6wL4w&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGwHMwUV1s7mSjQq8L6wL4w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 20 May 2021 13:19:35 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGwHMwUV1s7mSjQq8L6wL4w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BE84
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBkYWQxYThhMjM5NzJiNThlODBiZjRkNGE0MjgyNDYwOGRmYmI3ZQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBkYWQxYThhMjM5NzJiNThlODBiZjRkNGE0MjgyNDYwOGRmYmI3ZQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRC89b-RAhiDr8meATAB&v=APEucNUmqFkm5WwT9VzAr-Nxx99J5TeHi9c5caII90310lDa6Ge6OgfKxyALwns6rZFSdBq4AjI75UTc2jqnejCCRnzUZhwhJLZkMmlGY0alo5jIi02v0rmUj9kfWqO6fbz1O47IGypuZ__aL0tnpcnrSd5BBtEUOxMkqVRCkRLveR-mqU82K9hucYk9XMZStyL_eY2nntZOy-3lM657TJoE-y7L38SpwOUPILtHQIEnGKcdunwSb-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
akka-http/10.2.3
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzBkYWQxYThhMjM5NzJiNThlODBiZjRkNGE0MjgyNDYwOGRmYmI3ZQ==
cache-control
max-age=0, no-cache, no-store
content-length
197
expires
Thu, 20 May 2021 13:19:34 GMT
sync
partners.tremorhub.com/ Frame F1F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEHe6vduvpUezV3A5awty1DI&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEHe6vduvpUezV3A5awty1DI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:28fe:9b27:fbc6:f054 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEHe6vduvpUezV3A5awty1DI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame F1F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1&__user_check__=1&sync_id=054e5eef-b96e-11eb-beee-1365eaaf0106
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1&__user_check__=1&sync_id=054e5eef-b96e-11eb-beee-1365eaaf0106
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
128
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEPWPH53qitIkqzeAQqMzsJk&google_cver=1&__user_check__=1&sync_id=054e5eef-b96e-11eb-beee-1365eaaf0106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
6
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F1F8
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDUzZmRiOWUtYjk2ZS0xMWViLTk0YzktMWQ2NjY4MmIwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDUzZmRiOWUtYjk2ZS0xMWViLTk0YzktMWQ2NjY4MmIwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNVpPmM8ermDJ36DmoOI-W6TFx-ie4HvE389OWqHfzgDCMH0taCvEjZf3AWSI3zFLwmc7n46pr3F6gtJX7Ieldylpp0CcIWLFCpHyAGfm8dJqtyT6EiVetkHhxKQp9VUXxbpdT---_qLiHq52Vv7N9ZyuYwH9XpIoYKHJbKhWAJuGAETintM42J4Hdu2NNSweUsZxKAfWz98zR_vHaBlaJMIm_TTC_82R1gooTzPJghVDFkReEY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDUzZmRiOWUtYjk2ZS0xMWViLTk0YzktMWQ2NjY4MmIwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
109
Connection
keep-alive
Content-Length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
4864
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19179-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1621516775.686283,VS0,VE0
date
Thu, 20 May 2021 13:19:34 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
15
x-cache-hits
4386
v1
ads.yahoo.com/cms/ Frame 5946 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNWSMba3Pzb6Ww4p2PoNyQ5fPCVYwkLnu9OJ5qqbXfYdCVJYzuQxmXcxyLwvzmnVC2y14UNP1UOWqiC3M6GmYzLWck-w6VXFDkIwf689hhkAdEUp9u4FHfnqMNNnA4ruTfm3Q-2yRLiN6Z3y-hU-5RRxQUOTgOjIaglP7hznbbNGsmbi1tvMPiRfz6kpplonT3HdIVvfsNG1o7E4KQK9W6SLh6oQBPECeqe9nRtq6B2Sja-JGl4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 5946
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01OG9MQzBGRTJ1RTdObFNkZGJLSGlOa1pkajlBN2pnSH5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01OG9MQzBGRTJ1RTdObFNkZGJLSGlOa1pkajlBN2pnSH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvS4AEQho6NjgIY4pbBogEwAQ&v=APEucNWSMba3Pzb6Ww4p2PoNyQ5fPCVYwkLnu9OJ5qqbXfYdCVJYzuQxmXcxyLwvzmnVC2y14UNP1UOWqiC3M6GmYzLWck-w6VXFDkIwf689hhkAdEUp9u4FHfnqMNNnA4ruTfm3Q-2yRLiN6Z3y-hU-5RRxQUOTgOjIaglP7hznbbNGsmbi1tvMPiRfz6kpplonT3HdIVvfsNG1o7E4KQK9W6SLh6oQBPECeqe9nRtq6B2Sja-JGl4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS01OG9MQzBGRTJ1RTdObFNkZGJLSGlOa1pkajlBN2pnSH5B
Connection
keep-alive
Content-Length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 5292 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5292 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5292 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7875 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381804&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774452&bpp=4&bdt=250&idt=230&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=520796976&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8454&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&oid=3&pvsid=2169756935432292&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eyh0xjq9j56y&btvi=1&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381804&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774452&bpp=4&bdt=250&idt=230&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=520796976&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8454&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&oid=3&pvsid=2169756935432292&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.eyh0xjq9j56y&btvi=1&fsb=1&dtd=248
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl0-CzSWNdSYCOA6Fg-HQRFAl7jLecXWvcGRu4sW4GK6oRT-YFkELV1xrTi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 13:19:38 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5292 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:34 GMT
subscribe_embed
www.youtube.com/ Frame F62A 		601 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f8d8e5b2137aaaaba49590f6cd87ba779858245aa9318c30cd1525e9a1db8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 13:19:34 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=5K5iR40fg0w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+025; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
141322
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 18 May 2022 22:04:12 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
596127
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:07 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:46:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
376395
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Mon, 16 May 2022 04:46:19 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 01:26:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
215612
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Wed, 18 May 2022 01:26:02 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
596633
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:41 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame E288 		15 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=172526348210-or5nfffa5l6rbsvruouad2070j7ngoec.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2267922346-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 20 May 2021 14:19:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AEFC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 21:10:52 GMT
expires
Thu, 19 May 2022 21:10:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
58122
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mercedes_930x180.html
s0.2mdn.net/10160029/1617042646663/ Frame 049B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcf5f61d096c619a0cf83bd9e1bcd9cdd40db137b76111d3c2eef2d8e7fbe404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10160029/1617042646663/mercedes_930x180.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2127
date
Thu, 20 May 2021 07:15:09 GMT
expires
Fri, 21 May 2021 07:15:09 GMT
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
21865
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 6DD0 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjVKSnx1sJMih6LhTxXALyxATivhHzZRmqXzpS9bTY9d0qLguc1JeAQxFWikZxUGayJZann9opjgT3b3wXjTg27fg2w_ge2oC4R3uJi9NCGMaEVWmVS60zXWzbZphQ25ozzlFO1z1lQiFGhfKOE5DRHruLEqJMK-i-zJg1O2fSfxFqW4AOg_hX1_7OT4ErgtNok-V6XKCU6iorTDql7GwnCHUrW6eVe0heXMupJdW5jvaP8UIbABu5Ulta8HHD0p0wH5V33Nwo8PoaacE73SgRxoGEfhmNvu3NbFun9BTOT8SOcsUV8QvOmvdyt4Yhv4-ig6bAvqLjPLeIui9cMh2JZyl3LU0iYsvsD307npET8eobANLZoVaMs9QYN1iEmr0RLZ8xjUQzGwAtPFaxqFs4IqQ61jDf7KpXBn_CKxeKMefywN5O2Al5iZJ8jDqMIhQR-0g6-G8xNWmX5lQeLe3xj8kfTEVoVp6azyvXMsMJefbtEV4B4g-8_b8PcpCvmg56psqA7OJmc-eTXRAVaJsqmOSr-YOx0vPoeD23cP_F2easVj8MqUCMA3TiS_fOCnREUs6ueoL8ttBnfb5Ete1mjN-d2APKbnjNsTPLJwYv_rU_ptY-Yoe4u_bfawZnft09kCW-ql58DyOz9PxBXTQZqU46M5YbvM_KUVxo4Ae_VAx9DZ5bhOOfQnrg1UKLSWATmvJxjykAUT0iIxokRFZljmZqGzdJF1wz46YgRcrT92oVvR8x1Irh7Elnh03WW2GNRna87_sNTFT1y8dc_pa3o6oxosC8O4H4V97zQqB1t8ZWKV9qEWk-8qZWKfYsPXYretACzgktY0HrM4Kquum5c8vDRjgMOYQ_9SUNDq5PYPpnf6A7sIFOZWR4cntrtfE05QqAe-YzxaVpIlPGmGUQq2iN_eyDmC8m-16Vd8gNy7na2hDMLN8Wg5v17M6JbM9bbYzBp8B7iUrerspWgjo82XMnHNSguIQzhH6a_PzUWrhWQe-MX6XW4V98rwBy7BfXff9NoCFEM0l2c_7G2_Mmi8Rsj2OpgI5xb4EP19oArWCYf7VOeXuLrHOooHqQW9bQQ0_sJ7YqYroAffJq88ejLtQ_S85bGfPwbQA9smIAqTCELvkoZFlgUai6duONaLG7hHEJe3MR6sKKP3hZDfu0sv1VU9zZO8nirkpGzjlCW3WAW0-E89yVNXxXRlGdo8NzpdltVmw48hI8aRVmQ21Sq_IArA&sai=AMfl-YTpxjOuSd9mLz7tjnK_-6QDKBHDljZUOCzsvl3DQYHFS8uIXKW76xWdHYjAP9zISucjTcw7yKjO6-KjFsF9aJBKL9TXFqyWrrTZeffZ8TqpVRw7exwgPZGmejXhPkj2NThf3cs3ZP-KKTBIaJ1ld3ZpetEuRctl0nXgCLje0v5WzYWscIVrYtMPA6SidFoBNYY-gGznSo_YSFOmYgkPKkF7_scY2XU9LmNEsMURzA&sig=Cg0ArKJSzKkFKKDbhw2cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=251&cbvp=1&cstd=248&cisv=r20210517.45914&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 20 May 2021 13:19:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad_impression.gif
beacon.krxd.net/ Frame 6DD0 		0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=u0zbj4cak&_knopii=1&campaignid=25571035&advertiserid=10160029&placementid=299643447&adid=492380429&creativeid=148481574&siteid=6333601
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.126.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1621516774
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n022-dub-prod.krxd.net
x-no-pii
1
mercedes_930x180.html
s0.2mdn.net/10160029/1617042646663/ Frame 6238 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcf5f61d096c619a0cf83bd9e1bcd9cdd40db137b76111d3c2eef2d8e7fbe404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10160029/1617042646663/mercedes_930x180.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2127
date
Thu, 20 May 2021 07:15:09 GMT
expires
Fri, 21 May 2021 07:15:09 GMT
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
21865
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 999D 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa5U9WDUjs6EfQafrwZuVt9B3err7qVUF1njHVJLVzSLNBwe6fu7h4kWaVpFzovg8F0a0STZCzmmbbgN7NBPY0qFoeoRWiiW6fm9oJFcYX74jSGEM8YdVgPU0YQ3LjP-vW9Xxvp91T3_ffsAdS5-YBzIqA5qONklSJHuFTrm-Vl9dxk3wjMp5QFl1dnkbb6W5KrpkRnuBNeS31GamZTy4NrpXK3B73pyCZDVLxxlypjJJbWQCi-AApz3OXfw1jRsNxoNGwnwPGGag8tY8eusgz_okCGocqsglph3H37s9ioolIdf8_irT8APTkvaF2A1--Hnjv_RVqBc68T08APgV9QYpEXIR4gdLUMgF9X-ru9ctkcL_aOqMpAeuMytZK9byMhJZ41HlSNcV-6FSPcPh3jLc6Ajz98jI32OuxlWsgTZpytT1ycAXJH91yxHEdjIwuThuysIi_rBWbBKeJVVJgO5wVAVM1VzaFnZrT8f09NvuKKlUZ1bTq4OimVDHhBnc-rytuboQ7yI0c8rbV8Na6_uUQa_xhoYvaHDx9FJVtsfNuEIZi2WCBrghPhaEBKKugxNuGJfBx7Vm9klN-lcDuW_tclSs35Yg6tW7BGr4AAox3eRWsdP2PAvwziXSSYWUaD9-gZSK7cSkKAbwIcfg4LFn_7uK_GSLcZ2HoaPViY_QSvi3Sd3pi3N5yT9duEFKHtfxjahzc0MJswDS6efLfq9JyYHC8V4i1vUiiZoxJMhU_PwnJpKC8islMXp-In6uR73bBNrlJ0OvJ-JTca8cqWohP1Jxc11foZ02BbfKubvyJRZ2IJyNfdL8nwMSQr32P_s-FkOq8yXe3VG5JXHaG3pHYGx4S7DMpwX7xfqDlJ60Gva34VU-oSyfWS1_dVdadZxPalj1KvPvlGa00YHy4UhqR8c1eouq9CNQJbHwWlDDqoG-0VBBsnsAIGKY1AaBKejUljZRAViEvvjgZ1Kc-3_VG9bu4UagI3uD6P5e0H9NZJLHITgCBaLdiOLhvey3bUB1QMkBYjNXv1sFxuhESo9JCwbUsF_J-1Idgz3j-tVBYyuS-n8HSWdkfI362ydLiCqINRu5gQiQ0d70WrCIaHGaloLyqp7I1PJKby9xjyHKn-VsvCWHCWtoWDFY4uNdZwYKD_l-LjhFduKaX-wbGqLMGgZbS8DpsQCtn0-TcF0TGszWPgbQFtti_5BG1aHzKihctvbp2-_wXVrVviEwEek1D0N4jzhY&sai=AMfl-YS7OOyB-qY6wg2dO44bVvFW52AgP4ZiVtXIKufkae0fMQnMvBstd3idc28cnBZnN9caZX9LK4KB6aqapwLRxvCg51h26GliJ02gKXMHdKsBeqvtS5Tlju3A3ctUPNgDnm6hS1Tq0iCAjJu0mpAhYIl4XbY35ALQsmJBdGV4XiYzDRgWu4lLkp7lo-u8Zh1qNwPgSGpFiBetraVKNCr3RE8SkkdEG1rL-d3_otDyZg&sig=Cg0ArKJSzEfzmYblHg2nEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=252&cbvp=1&cstd=250&cisv=r20210517.79681&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 20 May 2021 13:19:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad_impression.gif
beacon.krxd.net/ Frame 999D 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=u0zbj4cak&_knopii=1&campaignid=25571035&advertiserid=10160029&placementid=299643447&adid=492380429&creativeid=148481574&siteid=6333601
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.126.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1621516774
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n013-dub-prod.krxd.net
x-no-pii
1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6DD0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 20:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 20:56:12 GMT
truncated
/ Frame 6DD0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
576e4b660b1b591912a48438c24665ccaf31c8b69619c20c37f13d492dbe831c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mercedes_930x180.html
s0.2mdn.net/10160029/1617042646663/ Frame DE8D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcf5f61d096c619a0cf83bd9e1bcd9cdd40db137b76111d3c2eef2d8e7fbe404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10160029/1617042646663/mercedes_930x180.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2127
date
Thu, 20 May 2021 07:15:09 GMT
expires
Fri, 21 May 2021 07:15:09 GMT
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
21865
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5D4B 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuTRS2v-acO03AyHCPQ9TFF8J2gc5Jh96MvE3Rx17lg0eNKzSQ2jc79FTP_EwbQpe7xdHiJYL-vu-B23Ax_h_h-BS-lhhMfEOV7tB5GTLItEqv_VHN5s4Ccqe0Zy8XMGNer_06AgGFqAneJ7IdUURI74hH6kA6vQWB5neEKjRINeJqInbfj7hGQN5dTygFMgc33Ss2pedu1hLoQu_sKkrvXVC_m6mnugZmjSF81cy11FPSO8To_dH4s9B3TxTuEfg5nF4Kkg40ykCDEPaitsA2bFgGeefH4OltUgkOfn76ZEJhEyWt9WSHgFtl8eNm2OSruE1VijcPl9bMvqayK432tSFmWE7AC2SUiNDwz19qsj9dhpP5br-bUp1tT4ISKp9EDDsxSjhyqa39WEkOs8TFfBSVdLrDJqvCZIj5iSqWdW0k6V1GVEA9086TUK_2-nU_4MwFZUzb5jQz4h-OlntvfPNSIK5DdiPyrGK-U-7hPcBuC1k_KlEFpxNMbV_p6tfmpVdOlwB5rVuMy7rDNhKYXthpnbXK2unyCEIAwFo-P_mNHP1_jsbOEtukNihRLN91qJpJCsiXSlRn3OXtetc1-u9ZyAkKOswlix1lu32zDwA6kJGS8HRmo7L52JdqJ6YRsMCoP70rzW5-c6SEjZYy_7C3ZSBjRTkpUR9fddWZMPnqeZZb6PFq3GJpuNUoXGdmJvZBdZEVKbQ1YAGujYAb9q1ie3_tbTFn0Z2QnChOLfO8QL5llZ2O87nQoC3TPmWnWStxhnKCvS_dJwpilqddMCIQRrd28dvDATHwc3cT6M2S9NnYQNJxzUMGQe7YinG7REZA4Sh0EmZj969YV5HZqBGgAj3NhfiSamauUFqbLD3T2GYMMWdkVkxV9MFVHcHpHQ-SAgBu-CYz_HG0Y_Mwqb-CAXPIaippvXlvDe2w7ro1L6xGjgk1hmB-qC7Qy8vchcF9U0X-UhyfsWSq-PA5m04-UmVAyen2Kl_B4GT7Aj-kYqrY5vF0bO7vKaSEWa4GneAcNO26p6PJ4dxv1LLW4z4mfQ9opq5nP-WF4mOckt2qCqsCMb7wrKbVejkz9ie_JolQF0wDQSokwVezWQVdycNlM3g1Tx58RX9lTo6kQk2NMaUY9HoKZxCgcZPM7dc7Gy2P03xYDEL5iXXsJb3y8lP-Vzjc1-DN52nWQDp15rSBiD55-gxy0oZGB0omlAEuE_ODsh1Q-gu5d2DmmidGnhwBHNVDuzw&sai=AMfl-YQkLAU5TOvMC1aEkRbeLaT8M3xEvS5Xaro1qhlVjegtpew6N1oboFV-2rkot_TkvGRck1sKPJiZ-gS7TL55d4OH_5_E4LpVCSULl--W-NJj2IUrwchaz3yLqKwXX5jhzxSY7HWggu3dU0iFMPpaTE7pzHd1_qZto6hEL5U7SnQ0yDxvBtm6uhMeoSJEpYr69rh5ximcCoikhgPwuvFDaUAfoNrN8DbwGg5shx0utw&sig=Cg0ArKJSzDyeSNCnOttYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=326&cbvp=1&cstd=325&cisv=r20210517.66374&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 20 May 2021 13:19:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad_impression.gif
beacon.krxd.net/ Frame 5D4B 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=u0zbj4cak&_knopii=1&campaignid=25571035&advertiserid=10160029&placementid=299643447&adid=492380429&creativeid=148481574&siteid=6333601
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.126.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=48 t=1621516774
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by
beacon-n002-dub-prod.krxd.net
x-no-pii
1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5D4B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 20:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 20:56:12 GMT
truncated
/ Frame 5D4B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
136d787362f737ae981395ad687840cb6710f7c222f732ece72e7b556747b150

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dvbs_src_internal87.js
cdn.doubleverify.com/ Frame 5BD7 		89 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal87.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jZB6lo92cduQd2kJl6TN71&DVP_DBM_1=1861733&DVP_DBM_2=18245953&DVP_DBM_3=47028839&DVP_DBM_4=332552067&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30617691154&turl=https://www.correiodopovo.com.br/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d9bf1380c53fadec6336158b7d5cb245a2f8a2b543837e51f04eee916d66f486

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 11:55:19 GMT
Server
Microsoft-IIS/10.0
ETag
"806d5816f4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20448
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:34 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 999D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 20:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59002
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 20:56:12 GMT
truncated
/ Frame 999D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5d7d6a6a2357829d763ffe0ae7a664dcbffb98d82b0726e130c51506fe3aaf4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bst2tv3.html
cdn3.doubleverify.com/ Frame 753B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal87.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=43018
Date
Thu, 20 May 2021 13:19:35 GMT
Connection
keep-alive
verify.js
rtb2.doubleverify.com/ Frame 5BD7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb2.doubleverify.com/verify.js?jsCallback=__verify_callback_813952887312&jsTagObjCallback=__tagObject_callback_813952887312&num=6&ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&advid=&adsrv=&unit=728x90&isdvvid=&uid=813952887312&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=0&brver=&bridua=3&dup=null&turl=https://www.correiodopovo.com.br/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jZB6lo92cduQd2kJl6TN71&DVP_DBM_1=1861733&DVP_DBM_2=18245953&DVP_DBM_3=47028839&DVP_DBM_4=332552067&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30617691154&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=24&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=135&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTauacd2hg4gf%60273572_22f7%60bh5bah653a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=11.47
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal87.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
70d275cf7b1a222c1049ff4536427692b1e25003ec2468e8bced526c8ac4d72e

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Date
Thu, 20 May 2021 13:19:35 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/19/2021 1:19:35 PM
dv-match6.js
cdn.doubleverify.com/ Frame 8415 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=65221
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
adview
googleads.g.doubleclick.net/pagead/ Frame B2BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5EbR5mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvAFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b98nH5sI31SwOzZ2nExrixXAZC4AG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=hUdvtkvuB6I
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 13:19:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:35 GMT
winResponse
prod-rtb.ad4mat.net/ Frame B2BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gtp02ptq30x02hv20975sg8df4na0qs102h604e5tc936y1xa8htx74b5k1m9pt38t9r6myktwkrff5zdth7fwmx1ckgkghe0xjarnapj0zz405eabrh1jkcx2dvaa605rrdmdfnb60qfs0mvv0sgqh94zah02rr74fqg1cst4w3rbaqe2084jrwr2tpscxfpgkk3qzt5zbr48t6wteqzx2qwgp6v4e8qz312a13am2hyn0hrz7vz0ae4hrc39pjw7n214fbp0b4jtr1g11j2x1zp8bd99xkmrhztnen7mk18585bx98e4kcp3jswv8yqqz0dsa4cz5cr49x1sqt1tvdrverz97zbzsw5hc7g3bbtnvk8347a02cbep0x336jt99ybp&b=YKZh5gAC4XMGrQMIAAy1v5v7BxEtzSPC22m-KA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 5085 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433fe7b191081a66df1b4e0be1b98d504accb0bf232637283d37979dd1d1a87b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b8786a700004aa967b22000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525db843b9b4aa9-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B2BA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA88 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 20 May 2021 06:38:34 GMT
expires
Fri, 21 May 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
24061
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2BA 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B2BA 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
l
www.google.com/ads/measurement/ Frame B2BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmnV0xFh7CkPoDqI-gByZTsgapTctmKHRcjWbR3PdTMJJWgUe0A78X8DDAjCqGye1DSIgS1QBZelnq6jfBaIKGpegILw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8F59 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 21:10:52 GMT
expires
Thu, 19 May 2022 21:10:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
58123
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A25E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 21:10:52 GMT
expires
Thu, 19 May 2022 21:10:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
58123
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame F62A 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 11:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
age
177735
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
expires
Wed, 18 May 2022 11:57:20 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame F62A 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 11:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
177735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
expires
Wed, 18 May 2022 11:57:20 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F4D5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 21:10:52 GMT
expires
Thu, 19 May 2022 21:10:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
58123
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 049B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:35 GMT
mercedes_930x180.js
s0.2mdn.net/10160029/1617042646663/ Frame 049B 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024cf3e5d863b74144b1a54b914d3827ebe8a6d2984cc1956165c33efefe039d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 22:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52667
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15745
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 20 May 2021 22:41:48 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6238 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:35 GMT
mercedes_930x180.js
s0.2mdn.net/10160029/1617042646663/ Frame 6238 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024cf3e5d863b74144b1a54b914d3827ebe8a6d2984cc1956165c33efefe039d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 22:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52667
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15745
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 20 May 2021 22:41:48 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame DE8D 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 13:19:35 GMT
mercedes_930x180.js
s0.2mdn.net/10160029/1617042646663/ Frame DE8D 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024cf3e5d863b74144b1a54b914d3827ebe8a6d2984cc1956165c33efefe039d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 22:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52667
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15745
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 20 May 2021 22:41:48 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:35 GMT
truncated
/ Frame B2BA 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24e4c070f41657ab7c344c8e3b1f49efd5a85a3d30e171b1c0276128506da27c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame F62A 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
586247
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41440
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:48 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame AEFC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12625
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
img1.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 6238 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img1.jpg
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dda7a79e68bc8bdfb5616a49436cf167a6a20d6452a7e948615fbb6a1948781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11533
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31203
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 999D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssa5U9WDUjs6EfQafrwZuVt9B3err7qVUF1njHVJLVzSLNBwe6fu7h4kWaVpFzovg8F0a0STZCzmmbbgN7NBPY0qFoeoRWiiW6fm9oJFcYX74jSGEM8YdVgPU0YQ3LjP-vW9Xxvp91T3_ffsAdS5-YBzIqA5qONklSJHuFTrm-Vl9dxk3wjMp5QFl1dnkbb6W5KrpkRnuBNeS31GamZTy4NrpXK3B73pyCZDVLxxlypjJJbWQCi-AApz3OXfw1jRsNxoNGwnwPGGag8tY8eusgz_okCGocqsglph3H37s9ioolIdf8_irT8APTkvaF2A1--Hnjv_RVqBc68T08APgV9QYpEXIR4gdLUMgF9X-ru9ctkcL_aOqMpAeuMytZK9byMhJZ41HlSNcV-6FSPcPh3jLc6Ajz98jI32OuxlWsgTZpytT1ycAXJH91yxHEdjIwuThuysIi_rBWbBKeJVVJgO5wVAVM1VzaFnZrT8f09NvuKKlUZ1bTq4OimVDHhBnc-rytuboQ7yI0c8rbV8Na6_uUQa_xhoYvaHDx9FJVtsfNuEIZi2WCBrghPhaEBKKugxNuGJfBx7Vm9klN-lcDuW_tclSs35Yg6tW7BGr4AAox3eRWsdP2PAvwziXSSYWUaD9-gZSK7cSkKAbwIcfg4LFn_7uK_GSLcZ2HoaPViY_QSvi3Sd3pi3N5yT9duEFKHtfxjahzc0MJswDS6efLfq9JyYHC8V4i1vUiiZoxJMhU_PwnJpKC8islMXp-In6uR73bBNrlJ0OvJ-JTca8cqWohP1Jxc11foZ02BbfKubvyJRZ2IJyNfdL8nwMSQr32P_s-FkOq8yXe3VG5JXHaG3pHYGx4S7DMpwX7xfqDlJ60Gva34VU-oSyfWS1_dVdadZxPalj1KvPvlGa00YHy4UhqR8c1eouq9CNQJbHwWlDDqoG-0VBBsnsAIGKY1AaBKejUljZRAViEvvjgZ1Kc-3_VG9bu4UagI3uD6P5e0H9NZJLHITgCBaLdiOLhvey3bUB1QMkBYjNXv1sFxuhESo9JCwbUsF_J-1Idgz3j-tVBYyuS-n8HSWdkfI362ydLiCqINRu5gQiQ0d70WrCIaHGaloLyqp7I1PJKby9xjyHKn-VsvCWHCWtoWDFY4uNdZwYKD_l-LjhFduKaX-wbGqLMGgZbS8DpsQCtn0-TcF0TGszWPgbQFtti_5BG1aHzKihctvbp2-_wXVrVviEwEek1D0N4jzhY&sai=AMfl-YS7OOyB-qY6wg2dO44bVvFW52AgP4ZiVtXIKufkae0fMQnMvBstd3idc28cnBZnN9caZX9LK4KB6aqapwLRxvCg51h26GliJ02gKXMHdKsBeqvtS5Tlju3A3ctUPNgDnm6hS1Tq0iCAjJu0mpAhYIl4XbY35ALQsmJBdGV4XiYzDRgWu4lLkp7lo-u8Zh1qNwPgSGpFiBetraVKNCr3RE8SkkdEG1rL-d3_otDyZg&sig=Cg0ArKJSzEfzmYblHg2nEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=745&vt=11&dtpt=493&dett=3&cstd=250&cisv=r20210517.79681&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img1.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 049B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dda7a79e68bc8bdfb5616a49436cf167a6a20d6452a7e948615fbb6a1948781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11533
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31203
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6DD0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjVKSnx1sJMih6LhTxXALyxATivhHzZRmqXzpS9bTY9d0qLguc1JeAQxFWikZxUGayJZann9opjgT3b3wXjTg27fg2w_ge2oC4R3uJi9NCGMaEVWmVS60zXWzbZphQ25ozzlFO1z1lQiFGhfKOE5DRHruLEqJMK-i-zJg1O2fSfxFqW4AOg_hX1_7OT4ErgtNok-V6XKCU6iorTDql7GwnCHUrW6eVe0heXMupJdW5jvaP8UIbABu5Ulta8HHD0p0wH5V33Nwo8PoaacE73SgRxoGEfhmNvu3NbFun9BTOT8SOcsUV8QvOmvdyt4Yhv4-ig6bAvqLjPLeIui9cMh2JZyl3LU0iYsvsD307npET8eobANLZoVaMs9QYN1iEmr0RLZ8xjUQzGwAtPFaxqFs4IqQ61jDf7KpXBn_CKxeKMefywN5O2Al5iZJ8jDqMIhQR-0g6-G8xNWmX5lQeLe3xj8kfTEVoVp6azyvXMsMJefbtEV4B4g-8_b8PcpCvmg56psqA7OJmc-eTXRAVaJsqmOSr-YOx0vPoeD23cP_F2easVj8MqUCMA3TiS_fOCnREUs6ueoL8ttBnfb5Ete1mjN-d2APKbnjNsTPLJwYv_rU_ptY-Yoe4u_bfawZnft09kCW-ql58DyOz9PxBXTQZqU46M5YbvM_KUVxo4Ae_VAx9DZ5bhOOfQnrg1UKLSWATmvJxjykAUT0iIxokRFZljmZqGzdJF1wz46YgRcrT92oVvR8x1Irh7Elnh03WW2GNRna87_sNTFT1y8dc_pa3o6oxosC8O4H4V97zQqB1t8ZWKV9qEWk-8qZWKfYsPXYretACzgktY0HrM4Kquum5c8vDRjgMOYQ_9SUNDq5PYPpnf6A7sIFOZWR4cntrtfE05QqAe-YzxaVpIlPGmGUQq2iN_eyDmC8m-16Vd8gNy7na2hDMLN8Wg5v17M6JbM9bbYzBp8B7iUrerspWgjo82XMnHNSguIQzhH6a_PzUWrhWQe-MX6XW4V98rwBy7BfXff9NoCFEM0l2c_7G2_Mmi8Rsj2OpgI5xb4EP19oArWCYf7VOeXuLrHOooHqQW9bQQ0_sJ7YqYroAffJq88ejLtQ_S85bGfPwbQA9smIAqTCELvkoZFlgUai6duONaLG7hHEJe3MR6sKKP3hZDfu0sv1VU9zZO8nirkpGzjlCW3WAW0-E89yVNXxXRlGdo8NzpdltVmw48hI8aRVmQ21Sq_IArA&sai=AMfl-YTpxjOuSd9mLz7tjnK_-6QDKBHDljZUOCzsvl3DQYHFS8uIXKW76xWdHYjAP9zISucjTcw7yKjO6-KjFsF9aJBKL9TXFqyWrrTZeffZ8TqpVRw7exwgPZGmejXhPkj2NThf3cs3ZP-KKTBIaJ1ld3ZpetEuRctl0nXgCLje0v5WzYWscIVrYtMPA6SidFoBNYY-gGznSo_YSFOmYgkPKkF7_scY2XU9LmNEsMURzA&sig=Cg0ArKJSzKkFKKDbhw2cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=776&vt=11&dtpt=525&dett=3&cstd=248&cisv=r20210517.45914&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img1.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame DE8D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dda7a79e68bc8bdfb5616a49436cf167a6a20d6452a7e948615fbb6a1948781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11533
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31203
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5D4B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuTRS2v-acO03AyHCPQ9TFF8J2gc5Jh96MvE3Rx17lg0eNKzSQ2jc79FTP_EwbQpe7xdHiJYL-vu-B23Ax_h_h-BS-lhhMfEOV7tB5GTLItEqv_VHN5s4Ccqe0Zy8XMGNer_06AgGFqAneJ7IdUURI74hH6kA6vQWB5neEKjRINeJqInbfj7hGQN5dTygFMgc33Ss2pedu1hLoQu_sKkrvXVC_m6mnugZmjSF81cy11FPSO8To_dH4s9B3TxTuEfg5nF4Kkg40ykCDEPaitsA2bFgGeefH4OltUgkOfn76ZEJhEyWt9WSHgFtl8eNm2OSruE1VijcPl9bMvqayK432tSFmWE7AC2SUiNDwz19qsj9dhpP5br-bUp1tT4ISKp9EDDsxSjhyqa39WEkOs8TFfBSVdLrDJqvCZIj5iSqWdW0k6V1GVEA9086TUK_2-nU_4MwFZUzb5jQz4h-OlntvfPNSIK5DdiPyrGK-U-7hPcBuC1k_KlEFpxNMbV_p6tfmpVdOlwB5rVuMy7rDNhKYXthpnbXK2unyCEIAwFo-P_mNHP1_jsbOEtukNihRLN91qJpJCsiXSlRn3OXtetc1-u9ZyAkKOswlix1lu32zDwA6kJGS8HRmo7L52JdqJ6YRsMCoP70rzW5-c6SEjZYy_7C3ZSBjRTkpUR9fddWZMPnqeZZb6PFq3GJpuNUoXGdmJvZBdZEVKbQ1YAGujYAb9q1ie3_tbTFn0Z2QnChOLfO8QL5llZ2O87nQoC3TPmWnWStxhnKCvS_dJwpilqddMCIQRrd28dvDATHwc3cT6M2S9NnYQNJxzUMGQe7YinG7REZA4Sh0EmZj969YV5HZqBGgAj3NhfiSamauUFqbLD3T2GYMMWdkVkxV9MFVHcHpHQ-SAgBu-CYz_HG0Y_Mwqb-CAXPIaippvXlvDe2w7ro1L6xGjgk1hmB-qC7Qy8vchcF9U0X-UhyfsWSq-PA5m04-UmVAyen2Kl_B4GT7Aj-kYqrY5vF0bO7vKaSEWa4GneAcNO26p6PJ4dxv1LLW4z4mfQ9opq5nP-WF4mOckt2qCqsCMb7wrKbVejkz9ie_JolQF0wDQSokwVezWQVdycNlM3g1Tx58RX9lTo6kQk2NMaUY9HoKZxCgcZPM7dc7Gy2P03xYDEL5iXXsJb3y8lP-Vzjc1-DN52nWQDp15rSBiD55-gxy0oZGB0omlAEuE_ODsh1Q-gu5d2DmmidGnhwBHNVDuzw&sai=AMfl-YQkLAU5TOvMC1aEkRbeLaT8M3xEvS5Xaro1qhlVjegtpew6N1oboFV-2rkot_TkvGRck1sKPJiZ-gS7TL55d4OH_5_E4LpVCSULl--W-NJj2IUrwchaz3yLqKwXX5jhzxSY7HWggu3dU0iFMPpaTE7pzHd1_qZto6hEL5U7SnQ0yDxvBtm6uhMeoSJEpYr69rh5ximcCoikhgPwuvFDaUAfoNrN8DbwGg5shx0utw&sig=Cg0ArKJSzDyeSNCnOttYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=787&vt=11&dtpt=461&dett=3&cstd=325&cisv=r20210517.66374&adurl=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 5085 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Thu, 20 May 2021 13:19:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5070028
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a2b8787ce00001f2d0c3d2000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=POg3Et0RH9GZ4Vdb0aV4lHdTbwnnu76REs9Uju2wrucoEWh1Nh%2B%2BVnQ1H%2F0sFrRqBOtng9T0lsu4JwzZxNfxXdIgrrtCZH8lxJWPvQ9cnpY03j9X"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
6525db861e5d1f2d-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 5085 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71643
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b8787d100001f2d5ea94000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PQulmDmHarqntcyrLgnHZlK7J7c3P2KIyldpNCqsDmnSZIXtrVGh4cNP85GFLJVsTGGk4Kwf3pNr0m92WaDZ87dcO1pqiYI2P5BYUdeaFwWhkjWj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
6525db861e661f2d-FRA
expires
Wed, 19 May 2021 17:25:32 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5BD7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal87.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
413dbaabe884bded8ca6f791212d7089fea725e70f77e6c61f8a728910e61103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 16:13:46 GMT
server
sffe
age
2264
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3774
x-xss-protection
0
expires
Thu, 20 May 2021 13:41:51 GMT
bsevent.gif
tps20511.doubleverify.com/ Frame 5BD7 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=1352d7f2114b4f1db6cf92bc004620cc&dvp_or2=1&cbust=1621516775376378
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/19/2021 1:19:35 PM
img2.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 6238 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img2.jpg
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2e739a050823a1b2bcf0e0f36e80220430fdb2cb6abe0a44afc5d9260f540b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:43:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
20190
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26574
x-xss-protection
0
expires
Fri, 21 May 2021 07:43:05 GMT
pixel
cm.g.doubleclick.net/ Frame BA88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJSIa-XrBEJ0DEn7mHylepk&google_cver=1&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6Fv...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6FvlY2yl35nQIsR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6FvlY2yl35nQIsR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
MT3 3736 915c305 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKWcP_POWx57jAUtF0EA-04ylFuV7H4_PRR-msgrUH_V7ONzzLMddXkR0rQHWpYogqPcGzBLlTUwLZZN6FvlY2yl35nQIsR
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 May 2021 13:19:34 GMT
i.match
s.tribalfusion.com/z/ Frame BA88
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHT...
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6525db884c784d89-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a2b87892b00004d89fc84b000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
739
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6525db868fcb4d89-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUKb3oI4gK3HBPqTMV3mNYp5VLLQFyAIdnrpQnmZ5_GUCb3Ji2CbWPGrOkKOJybrbFgwDE8DHo98wF1kQGGqJQRslRjKwHTs0g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b87881800004d89f81f7000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA88
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDP...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZE...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c787d56b-a100-45f1-92ac-91313da5bd4c&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi&google_hm=90AEG0tAROaUfpIRul0HjQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi&google_hm=90AEG0tAROaUfpIRul0HjQ==
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULU6a5gt_epiZtp6JifpcjhVTwKBOywLCiTCVVqnBsQWR8IYfjd1GD5oVdht7GSvRLQMB73_AFnsVFnZEhsIhDPtHAyzOzi&google_hm=90AEG0tAROaUfpIRul0HjQ==
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame BA88
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMGIx8YgkbJIBV92buPUg7I&google_cver=1&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09XWDdaSjMtMTYtNjY5&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn43kv7A2lT8CA4u5atsLiXYYB9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09XWDdaSjMtMTYtNjY5&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn43kv7A2lT8CA4u5atsLiXYYB9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09XWDdaSjMtMTYtNjY5&google_push=AQvitULJYRt38YrcnX8TghV416h48FqU5ambjuGKzPZAnokWQOi1xnj-XKNc0y03hmTRgS1poSn43kv7A2lT8CA4u5atsLiXYYB9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame BA88
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCc...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCc...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ&google_hm=94a06784895f4b46675d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ&google_hm=94a06784895f4b46675d815a
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:36 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULFhZ09ijIu4OEAX5uUAS4_PkLi5KUDq_o3GvBgZrFG-Ld-FICP1rkwSI4wfa0KckllrLtaij71JMtABIyCcObR_bVJX4z_xQ&google_hm=94a06784895f4b46675d815a
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BA88
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.targeting.unrulymedia.com/csync/RX-02dfb8e3-1a47-4eac-8f32-d65624cba6c6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUJVot56AGNtCv3UuzthP...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U&google_hm=AwLfuOMaR06sjzLWViTLpsY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U&google_hm=AwLfuOMaR06sjzLWViTLpsY
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUJVot56AGNtCv3UuzthPsyJ9t9DxxzCN9_-hlgJI9IBLuC789UFwduB57ThKHcN5kpMMR0uIPkBkZa1WWDtG3ex9wCp3r6U&google_hm=AwLfuOMaR06sjzLWViTLpsY
date
Thu, 20 May 2021 13:19:37 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX02dfb8e31a474eac8f32d65624cba6c6003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame BA88 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGw87-BMEIWxwWzAOzLgXss&google_cver=1&google_push=AQvitULcYy7ZAU_Bed6Qqp4rbUIOi9ZG0f044GW64U3WEbvQSeaTSkFrQfedBSjQLo2Lc2KMr8hlkaBw5K3FkqtjhMqkpU1xVeTqzvc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 21 May 2021 13:19:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BA88 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvfpVHs3wlhR-Q3HNCvgu_KaZwYIJxw3SCNlCC_x5DPUuAWlJPJW7KDQfptqX43aUvJTAxVw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382142&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773664&bpp=22&bdt=110&idt=428&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=2&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=1436711205&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5980&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&oid=3&pvsid=2379931329817778&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2u1af1lkdq99&btvi=1&fsb=1&dtd=446
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img2.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 049B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2e739a050823a1b2bcf0e0f36e80220430fdb2cb6abe0a44afc5d9260f540b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:43:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
20190
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26574
x-xss-protection
0
expires
Fri, 21 May 2021 07:43:05 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 00EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSGeX5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEuwFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1X6R5pyND48OmJsRITTth7hs2gAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=dhlG2AIspOw
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 13:19:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 00EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gcqss9ndwk8ys9svvte13v2qzn0zpt5qwvsqnwpcqbt1jeap808fer8rvkkqbf9z7kfw5hkpgmvr8vxb9qj1zt0n7gramcvmccnytf0rw8ecja1xvekfgn4mekp3zangm7wtes2y4nsyj7b84gwrb4ztwkefw3j3skm3gwn04pqtc6tyckm538g3ndetj1mceyr1wfh6qzxv51zsptdxynmmvbe993xcf7fa6afg2r1vk9zj44dfe4x4mpbd2ggfmsed4pbj6zwwzsax7cewe6m2c6b3fke8srjxsy89k0gzkcnyajgtprfcx20bgz059e3482tstbe3n2fbvjj9e23axp18cx9zayw8ma60n4yn0t2988w3sm6ahn4agfybqcfv8rv&b=YKZh5gANg78GrQJNAAfBvH0Ot4vYklamjXAYWA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 0D12 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b610b883dd18684c86347c1682a9be11f96faf879644a4701e4109c4dd1d591e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87880800001f2d1734b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525db865f1a1f2d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 00EE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 45F3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 20 May 2021 03:14:09 GMT
expires
Fri, 21 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
36326
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 00EE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 00EE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
img2.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame DE8D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2e739a050823a1b2bcf0e0f36e80220430fdb2cb6abe0a44afc5d9260f540b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:43:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
20190
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26574
x-xss-protection
0
expires
Fri, 21 May 2021 07:43:05 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 8F59 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12625
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
impl_v72.js
www.googletagservices.com/dcm/ Frame 5BD7 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v72.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 08:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 20:34:47 GMT
server
sffe
age
103063
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15545
x-xss-protection
0
expires
Thu, 19 May 2022 08:41:52 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 464A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COCC65mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvAFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7Lx24O4Oq-cBhTYw9U2ISe-qjW4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=L_FDERKIpdk
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 13:19:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 464A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g4amy13qbbjrz6kva1gjay1z19p3q52f05j86f01q5wxxskken6c1jy73j5sbk1b4mmn5eaf4esrem5t6pkrdrec3ppk2wvj46kk88dwwazbbmy0qe49d0619gt83820kdyw658kgkcy7f8bb1mcy8gafaqw9f9n4hr15ek01r920vrn29n3q8zyfjpjpdazmvhbxdnascgndddfr21gf5tmb87nqmzt0h9j3n5nej8ad7xkgf0wwd28yk185hwgwwvxrrbsasg1jnx4jmgearb1h6c1n0k4512qs0b7x9783kb32b0m5fr046a9a5p8ya8we86mdr34me34qjdjvcv47hx35m0qnd4r7zexzkncgc235n4k0j4rr41p91r8y6nsgt4&b=YKZh5gAOdkwGrRGbAAo-YfEBtxBar4xhGK8LDQ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame DB5F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453e59ad12be6d88a5dcd5708d6b648862bfdbe320e39a0d98e39eada798ece3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87888f00001f2d3a3d2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525db8748fa1f2d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 464A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC6D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 20 May 2021 03:14:09 GMT
expires
Fri, 21 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
36326
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 464A 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 464A 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame A25E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12625
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame F4D5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12625
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
img3.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 6238 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img3.jpg
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53627b9ea8d359ffb832eb8fa8428d34d1a69ec9c2460e8ac68ee6ecc5d4c1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:32:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
13638
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31499
x-xss-protection
0
expires
Fri, 21 May 2021 09:32:17 GMT
img3.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame 049B 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53627b9ea8d359ffb832eb8fa8428d34d1a69ec9c2460e8ac68ee6ecc5d4c1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:32:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
13638
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31499
x-xss-protection
0
expires
Fri, 21 May 2021 09:32:17 GMT
img3.jpg
s0.2mdn.net/10160029/1617042646663/images/ Frame DE8D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53627b9ea8d359ffb832eb8fa8428d34d1a69ec9c2460e8ac68ee6ecc5d4c1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:32:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
13638
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31499
x-xss-protection
0
expires
Fri, 21 May 2021 09:32:17 GMT
truncated
/ Frame 00EE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad69ed06c586efd0d3af3a02e6b5cbdd152e66b61cb526ebf5fd72a5d74430f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;x...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 5BD7 		34 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
aab89b8e0efe5e5a4bcde4192da0ca6227bdb55cd32de482f526bfda1e25ca6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5085 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
0a2b87892800004a85a333f000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ABhgCT%2Bsf%2Fw6pYhe2IRF2Itlam2zG%2Bb8H2We2%2B2mWjzQwTPxGVwVMsTTNu%2BadIbl9qw8LEcJR1Hypyea43nTaS8Ja28uxiElNMqNe%2FebFR4JLeVHK%2FhYQr77GbrHW63hQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6525db884a394a85-FRA
adview
googleads.g.doubleclick.net/pagead/ Frame 2F55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4hVj52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvAFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0TLuVkYwZEK4xM5QvFNyjjoeFYAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTYzNzk4NTQ0MjA4NTE0NzY&sigh=gzMp6PFbW2A
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 13:19:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 2F55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hgz4f2psths01xfcr5xjkf06mbnvan1bc926ga48bvcnfr844f3hxrk8ejer7bts2k1939same99hmj5692x2y40a22shsm5yf7zs97x1w8bmyk5ehztbjm5sjzx80dcp7edyeynaadveanvt54rt5p86w7fehyt9b78hepv1xaf1fq61bmy0yfk8m17rygxqj6kvba5p5ekxcd9wbgd691taa703w1m62avqfvbepgsexfe95h56jvcwxeejr4a7gkqgdq5gp44g4nxef4t31gtnhhdtq4f7cjy3yeam3mtzhw781b4g24f573mn52tv7p9y3cckaq1a0c5eh5073pt9bz8fqf6t72sqcg6zd8z42hfqahd269ns8hv5zpt584a8ym&b=YKZh5wABGywGrSq3AAhgVV3F95z4qE6NwtSkEw
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame 4045 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36da8563759421f01893e6cc33cdac7a756681d5f8ece58947f6e431a3e10c2a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87892600001f2d6aa93000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525db883ac11f2d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2F55 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD04 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 20 May 2021 03:14:09 GMT
expires
Fri, 21 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
36326
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F55 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2F55 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:16:39 GMT
l
www.google.com/ads/measurement/ Frame 2F55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0ilTcFLBH0SX69DxgHR26jFatYk51tbHKf8nsSKYYMNPaHjPYDLZ1RimYA9uFqS9KCZJRdE4yIhIehFR-fw2DqKTwhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l.png
s0.2mdn.net/10160029/1617042646663/images/ Frame 6238 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/l.png
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7939210f06844514bd8c80a75b4aacd44e03b5acc7a21755e172ce202900b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:13:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11177
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6957
x-xss-protection
0
expires
Fri, 21 May 2021 10:13:18 GMT
l.png
s0.2mdn.net/10160029/1617042646663/images/ Frame 049B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/l.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7939210f06844514bd8c80a75b4aacd44e03b5acc7a21755e172ce202900b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:13:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11177
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6957
x-xss-protection
0
expires
Fri, 21 May 2021 10:13:18 GMT
l.png
s0.2mdn.net/10160029/1617042646663/images/ Frame DE8D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/l.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7939210f06844514bd8c80a75b4aacd44e03b5acc7a21755e172ce202900b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:13:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11177
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6957
x-xss-protection
0
expires
Fri, 21 May 2021 10:13:18 GMT
truncated
/ Frame 464A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ef5914689244850e59f589b28887dad839aacaae60a5cbc63f117086b1e303d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 0D12 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Thu, 20 May 2021 13:19:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5070028
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a2b87896300001f2d0ea92000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lSwwSNVa%2FKashLQobPKbdAF1yP0p6AxhTSvPords0jUq668UkmQPaJ0azduVWQTluccZg6tYc4%2Bfoy%2FtjmTp%2BysKbyFaySWES7uUs15M9BcIe%2BYi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
6525db889b7e1f2d-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 0D12 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71643
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b87896400001f2d4884c000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8lTlJQ%2BZXEoFNvbtStLQkDd0tNpfdy5afador86EHHxECxRR5afNJpJBbMVEYiR8ShVrGaWeZ30Ozj7AMiJF2bYMA5owNbl8VkjzugJ3VmJHLG6r"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
6525db889b831f2d-FRA
expires
Wed, 19 May 2021 17:25:32 GMT
frame.html
ad4m.at/ Frame 6EEA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 20 May 2021 14:19:35 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2391820
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a2b87896600001f2d3a3e1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o2PbA8SKIYApje9pyuzlQBK0DHCpaujoneSsjLz5S1bcl52txiwTpERkC%2FnB62ujSqOQHYgFKRl1xPYWBzEgZ09ImeDQd559x%2BTgJq6FHFVo2SQq"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db88ab8d1f2d-FRA
content-encoding
br
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 May 2021 13:19:35 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 45F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKQXFudG_gZUvCz8TOxXvyY&google_cver=1&google_push=AQvitUIUW9x8BoZSSiwKZBdsVAvrmPKdcEPhYexn6h-oC_9AiEN31NwuF49YYTvuvyFpmdb92p5s3zzmrcx7dLKxVFF-9-2WMgrA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NjA3MTQ4MjM4MzIwNzEzMg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJSIa-XrBEJ0DEn7mHylepk&google_cver=1&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=HglgpmHnQgCjxyyGkLMlSQ&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-5YlBTd34...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=HglgpmHnQgCjxyyGkLMlSQ&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-5YlBTd341Ew8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:35 GMT
Server
MT3 3736 915c305 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=HglgpmHnQgCjxyyGkLMlSQ&google_push=AQvitUJapWBGAr1anYeZUAuziKVM0M75eRWBsHaVkined8DWXXsAt3qF7dQNZrY4kgiNc8hX69ICMQrmgRfhpDz-5YlBTd341Ew8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 May 2021 13:19:34 GMT
i.match
a.tribalfusion.com/ Frame 45F3 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEBy-YFrnfhlsrT1OZPHwvAw&google_cver=1&google_push=AQvitUJGAs-MDbfcN63IZY_G254WECvUML_mQZwKzmPhQO8wU16PSvNI5hMGwVYS8OEQfSU-VwfJZ3_LDb2OhJGVe4QxjiCzRWs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJGAs-MDbfcN63IZY_G254WECvUML_mQZwKzmPhQO8wU16PSvNI5hMGwVYS8OEQfSU-VwfJZ3_LDb2OhJGVe4QxjiCzRWs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6525db8939a9c2f4-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a2b8789c20000c2f4f00f5000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45F3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOHfATGqmIQsdC8iMIzSQE&google_cver=1&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8_DQZgZPfSg9M9
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=420356B4CE5F4A4EB08DC5EBFC3F19D8&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=420356B4CE5F4A4EB08DC5EBFC3F19D8&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8_DQZgZPfSg9M9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=420356B4CE5F4A4EB08DC5EBFC3F19D8&google_push=AQvitUIIKuKJzFmfiqKUJXlKIStDbA4TiKXdl7Nb1Pxlyayv5lPSRkdRhyZmvI6beVW-mgIldV1qWtlgDlJsEj8_DQZgZPfSg9M9
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 19 May 2021 13:19:35 GMT
pixel
cm.g.doubleclick.net/ Frame 45F3
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIh_GzXHgI_LifuJUGW_lKY&google_cver=1&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu7P1Wxy4CP5gv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu7P1Wxy4CP5gv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG52-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitULDvqwxepPOqLGrxiltSy8jg_ApwTHl_8CWEsCQNAxhLLlUJagSGE6kJd4CM-EME7Vh6WApNiUsk-yBQrOu7P1Wxy4CP5gv
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
eCKFPpKHG1bD4n7tWNu9-iWUKlPUEIINZhbTD3NE4qh-f05TeFIQ_g==
pixel
cm.g.doubleclick.net/ Frame 45F3
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEAQe5r8psGXQsLxO62XzKFc&google_cver=1&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zT...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zTgvfyTLFbE7bY-urHSIcfdcJziJEAitkbWBnA&google_hm=t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zTgvfyTLFbE7bY-urHSIcfdcJziJEAitkbWBnA&google_hm=tSO2-3GLT8q1yakxd3M1Q8Q
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AQvitUJEhf-miuxWaIe4h_p2uqU3U103gw11vf-2FdReMd3IJ4xeJd5Om38ndQp9zTgvfyTLFbE7bY-urHSIcfdcJziJEAitkbWBnA&google_hm=tSO2-3GLT8q1yakxd3M1Q8Q
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 45F3 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGw87-BMEIWxwWzAOzLgXss&google_cver=1&google_push=AQvitUL_Lp33ce3WVzpjSRJOOa-llcW-G8GwyuFXwkJTV9sbT-fPkAvgSQIAcpeA-h4VwTYG_T_NnwAN0p8wIgdBtwIFoRJuChNDeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 21 May 2021 13:19:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 45F3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvTm1zsHlIZLAEhr9ArakdU83meJCFiajf0MvCHcJAJx_7neM5ZyOmJqgjMjKUJvjY-2lsMuY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516773990&bpp=5&bdt=301&idt=305&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516774&ga_hid=668725599&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=8222&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=969987549450629&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8kpldhbyp60g&btvi=1&fsb=1&dtd=323
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2F55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b69d755c3e25a2f7a066c1b113f9b5fb1cb1ddca1c36dcdd710af9325e0b2e62

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame DB5F 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Thu, 20 May 2021 13:19:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5070028
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a2b8789dc00001f2d41a7b000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iyEwGdJgRhqircyTZimMm5B4LzDbKvaM2JfhyHTb5JV8j12gwHmX8dEPhDMkxAU9v4QTIt2JxjrfsRl7sNElIyjOpO1G%2BGhiTdhkmKIE9OxWh%2BZD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
6525db895ce21f2d-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame DB5F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Thu, 20 May 2021 13:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71643
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b8789de00001f2d6c283000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vn7HUh4C6JECowU3UkgIZbASPYIqoYGGEjX6ihcqQs0y4jbaU3XGC2kX7O09xS5QpfkwlT%2Bg2gHFuB345y7Mr%2FEBkSvkdXe2GHYuCZrE5EWpFlFB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
6525db895ce61f2d-FRA
expires
Wed, 19 May 2021 17:25:32 GMT
logo.png
s0.2mdn.net/10160029/1617042646663/images/ Frame 6238 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/logo.png
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7dbf7c801138df4b2faeae1fc17fd4e7501a75dadd64034ec902b8978a454e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11532
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7271
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:23 GMT
logo.png
s0.2mdn.net/10160029/1617042646663/images/ Frame 049B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7dbf7c801138df4b2faeae1fc17fd4e7501a75dadd64034ec902b8978a454e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11532
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7271
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:23 GMT
logo.png
s0.2mdn.net/10160029/1617042646663/images/ Frame DE8D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10160029/1617042646663/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7dbf7c801138df4b2faeae1fc17fd4e7501a75dadd64034ec902b8978a454e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10160029/1617042646663/mercedes_930x180.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:07:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 18:30:46 GMT
server
sffe
age
11532
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7271
x-xss-protection
0
expires
Fri, 21 May 2021 10:07:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 5BD7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 13:17:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5BD7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmK5ytwMV_FgGO51cikFISBvcQUemiRobg-AjPPTEmHKvU6nVglcoNgV_F6c7NkBnmgo_Qt1CHVtEfpNF5c2BlGx4iNtEIW0G35LpZozHqJr4xS8LjLNPKgBq8e2jgCenlad8PSiutsEMXTbcM_Ja5-R2n&sig=Cg0ArKJSzPX0MwEeMZGQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.93757&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 5BD7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&num=&adid=&advid=2276943&adsrv=1&btreg=315865137&btadsrv=doubleclick&crt=117573815&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
92585ced325c8cb308504f95b18f6fb8ec1089a52453f9c9b73a30ddf9182ae8

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 09:37:19 GMT
Server
Microsoft-IIS/10.0
ETag
"80b114ba5b4dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3133
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5BD7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 20:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59003
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 20:56:12 GMT
adc_hun_EndHungerStory_728x90_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 5BD7 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/2276943/adc_hun_EndHungerStory_728x90_Evergreen.jpg
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 06:47:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 18:23:23 GMT
server
sffe
age
23510
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
expires
Fri, 21 May 2021 06:47:45 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0D12 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:35 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
568
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
0a2b878a3300004edf2a07e000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mcJvc6bFDCYCR3zVO13xcfUxeNvLivSon2t2NCG8V14tK6lz8ogQry8lJiF0DkjvuPfW%2B6ccvjY2NxumHXYqsZVkpi2Fr%2BQ3AHvMW%2BkDPFzTwnQSQ%2FOMuZzwEv8Q9igV9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6525db89ebb44edf-FRA
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EC6D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKQXFudG_gZUvCz8TOxXvyY&google_cver=1&google_push=AQvitUKD7rxefU5jbwM7yZII5fYA07gDQDZ_B23RUvBWmWH0z2km-qJGzV36WpXCj3_StHtAVhz7LJOBHuWtNtCwrnq5aE3XDDSx
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg0NjA3MTQ4MjM4MzIwNzEzMg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEC98SfqK5VV4e07LxgCq3i0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC6D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED1XqDx-laxomsYwhtTfEow&google_push=AQvitUIliFOnZNch78DnF44-ONtnYeGOKUu1J5LHqC3VT4HbdUjsXWe9SY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED1XqDx-laxomsYwhtTfEow&google_push=AQvitUIliFOnZNch78DnF44-ONtnYeGOKUu1J5LHqC3VT4HbdUjsXWe9SYKDlXw7vlmXKI8v-hqyeUYv9GEq4vmDlIcggrM1oT-N
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1621516776.098775,VS0,VE94
x-served-by
cache-hhn4032-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESED1XqDx-laxomsYwhtTfEow&google_push=AQvitUIliFOnZNch78DnF44-ONtnYeGOKUu1J5LHqC3VT4HbdUjsXWe9SYKDlXw7vlmXKI8v-hqyeUYv9GEq4vmDlIcggrM1oT-N
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame EC6D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOwa6ijeKKGJZXz9aOoxgv0&google_cver=1&google_push=AQvitUJqgh2dr222aAjI_A3Y5ZxGmt0EtuyXZY76-nOEG1oGcUZ5NFYQqpOuJRmm13mVBBqX2XkGmwM416CrGXz-qllc-XlW3PeK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EC6D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6ZOAXeAz2EdPixnf6w_6w&google_cver=1&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6ZOAXeAz2EdPixnf6w_6w&google_cver=1&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzMDUzNzMzMTcyNjUxNjI5NQ&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzMDUzNzMzMTcyNjUxNjI5NQ&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s94QjD3qJlORFr442Q0o
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzUzMDUzNzMzMTcyNjUxNjI5NQ&google_push=AQvitULTVHOdZAnDijcvlxYEJ4tVLKYE41hBWix_K2m-c0q3fCPuY15qw_CLDXFNOVS89GNKa_Kx5l_s94QjD3qJlORFr442Q0o
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame EC6D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEIScqWCZxQL-IFDNoO3KxnI&google_cver=1&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf&google_hm=ob7FN5rcybsQ4c8yldF3GQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf&google_hm=ob7FN5rcybsQ4c8yldF3GQ==
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKmfzx-dVyKA5VQOrEk5ESFp5a4JOw7A5T8p7TCpNLbk1qu-eh0lu0mg8YMuABnXuYxMKSLjIdsdpW2eGbUA5ljJSEIqSxf&google_hm=ob7FN5rcybsQ4c8yldF3GQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
janso6s5ro3es20nuu739irmmlgt9dbi
pixel
cm.g.doubleclick.net/ Frame EC6D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHZXA7HMRvObilFIg4B1Ug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHZXA7HMRvObilFIg4B1Ug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJOeXYh6ByQYdHU4BbZCgJdO3kMvkGcPU1XwDf8tu9V7IfQpeD2DA-2ZFovudWPe2vpdoAfHGjMu7me-pIOQGRRtpvineIV
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHZXA7HMRvObilFIg4B1Ug%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJOeXYh6ByQYdHU4BbZCgJdO3kMvkGcPU1XwDf8tu9V7IfQpeD2DA-2ZFovudWPe2vpdoAfHGjMu7me-pIOQGRRtpvineIV
date
Thu, 20 May 2021 13:19:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EC6D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiq...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame EC6D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JPkpRi3aAGS-nsLd8-nIN_bGv85TBIN0XMA22AAd157pf-lfzsH5EWG6CO4pE22glO8YIN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BD7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:36 GMT
frame.html
ad4m.at/ Frame 2C61 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 20 May 2021 14:19:36 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2391821
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a2b878abe00001f2d3d2a0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0A%2BmBigfcV89wd51uO1AwcLL4USmJccKWgDQ%2BaKee46Yk%2B1D98DJq81Ivw4Vh8iUjPHgN8jYka1%2B0x9S3XX1AADKbCS1TVamMrKu2nQKnwPf77q4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db8acf721f2d-FRA
content-encoding
br
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 4045 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Thu, 20 May 2021 13:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5070029
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a2b878a8200001f2d46adc000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BcR6vtSECnaeI31PMjtypXE8iyLpnkmypGML1iZMZQ6Dd1Cv4I6wBHR4Yf8pdpXZ15JKI8%2Bx9Ld5PzT9m36ZEZGTnt15uT7cvkMwqNPqi0N8Mpct"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
6525db8a6eca1f2d-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 4045 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71644
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b878a8300001f2d5f377000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2BZL%2FEAkPBBP73KbdU8K%2BwIS1VwUbJten7yVsdfIXHKmn1akyOYOEbKK5gOdqZkvCL5jTn8idmw7q37ckn7GzOdqj0pQiczzap4R0SbfRrVevrUo"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
6525db8a6ed01f2d-FRA
expires
Wed, 19 May 2021 17:25:32 GMT
dv-measurements1378.js
cdn.doubleverify.com/ Frame A91B 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1378.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b403f883d0e6b89e431fbcb325c9f93924256746d04ebf34aaa8076ac2ca3baa

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 10:58:38 GMT
Server
Microsoft-IIS/10.0
ETag
"043c7eb9d4cd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88422
view
googleads4.g.doubleclick.net/pcs/ Frame 5BD7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmK5ytwMV_FgGO51cikFISBvcQUemiRobg-AjPPTEmHKvU6nVglcoNgV_F6c7NkBnmgo_Qt1CHVtEfpNF5c2BlGx4iNtEIW0G35LpZozHqJr4xS8LjLNPKgBq8e2jgCenlad8PSiutsEMXTbcM_Ja5-R2n&sig=Cg0ArKJSzPX0MwEeMZGQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=255&vt=11&dtpt=254&dett=2&cstd=0&cisv=r20210517.93757&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=72.208;sz=728x90;u_sd=1;dc_adk=3217452924;ord=tnrao5;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.correiodopovo.com.br%2F$0;xdt=1;crlt=lFzj1)kzM8;osda=2;sttr=161;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DB5F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
569
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
0a2b878af500004edf9eba4000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T9NFwiZN3r59cHNBpQSgvt08iMnnzTD2Ct4vrJgtFtdmWfu1Hxn3qy8A%2BUR6RZOctqZoMiLW2hOYzB2BE6jQp8YEGeC86cnnnIqS%2BUkhDLZR6672%2FimUvC%2Fw%2BqCfrq31%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6525db8b2f114edf-FRA
api.gif
v3.denakop.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516776183&cb=0.21588122939619625
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878afb000016ea2a911000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db8b29ed16ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516776184&cb=0.23206312157640352
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878af8000016eae72a0000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db8b29f016ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516776184&cb=0.9898210305860442
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878af8000016ea3314b000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db8b29f116ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=4cGaVHu7RjeAGC7uqb62aA%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1621516776184&cb=0.17384003593941189
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a2b878af8000016eafc0d9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
6525db8b29f316ea-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
dv-measurements1378.js
cdn.doubleverify.com/ Frame 1595 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1378.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:287::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b403f883d0e6b89e431fbcb325c9f93924256746d04ebf34aaa8076ac2ca3baa

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 10:58:38 GMT
Server
Microsoft-IIS/10.0
ETag
"043c7eb9d4cd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88422
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7B3F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 21:10:52 GMT
expires
Thu, 19 May 2022 21:10:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
58124
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
frame.html
ad4m.at/ Frame BF4F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 20 May 2021 14:19:36 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2391821
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a2b878b4700001f2d67b33000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AipdJwKyWB%2Fcc7irsFVxOB0UZUZlEDMdaKIEbEHatJnkzwtKBLkzswV6CFjkdTrFpROs4PO8wa7uEXNj5Y1f6XvFPojxqYpYqjUXUlnWTHfnQJ8Q"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db8ba9061f2d-FRA
content-encoding
br
/
google2waycm.netmng.com/cm/ Frame CD04 		0
0
dpixel
cms.quantserve.com/ Frame CD04 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBDHmWI0yDwMESmnKpm0jYE&google_cver=1&google_push=AQvitUJ_sU0jSTqx1QuNhTtH1WfYfGviX1AQ0eD3vPkNZz5Dem_AthPfumP3p2C5CyhZWXwGI0A5tR4fQCLJgjlwRO6Qp6tbed0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame CD04 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHdjUmCnvymzoZ1542WWVqM&google_cver=1&google_push=AQvitUJqnn35nAgkmnWvnGWG1o5L6oHijRnlS7dAaB30DR9Iwzxh5d_j54i_0z2B-oCHybMqq2cfgAgqxzcu5ir_VNYgM71WVZM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame CD04
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFZ8pGeWFC-SsLIzJW1j6EA&google_cver=1&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCc...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCcr78sLw&google_hm=90AEG0tAROaUfpIRul0HjQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCcr78sLw&google_hm=90AEG0tAROaUfpIRul0HjQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUKOJu8TtRTvuKHepyR3rIGRBSwtxsO45cA6h_Lw2u_-n0qVto24I9CGvxi3vZWlc6wUGcZJJVcbLAf64DgLZYCcr78sLw&google_hm=90AEG0tAROaUfpIRul0HjQ==
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dot.gif
s0.2mdn.net/ Frame CD04 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI2zgpTN-QuQm5arvHZciig&google_cver=1&google_push=AQvitUKQbC2Nd41e2f_mdp0CM4AupAeKqJ2X4IKoOktST4NZg6HXQi4YLwHIc-SdAErtEzocm7lvJ6faMtMbwImULxbwEEkPQw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 21 May 2021 13:19:36 GMT
pixel
cm.g.doubleclick.net/ Frame CD04
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toP...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECHx_pQHL_rfaTZU3M4b7sk&google_cver=1&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w&google_hm=94a06784895f4b46675d815a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w&google_hm=94a06784895f4b46675d815a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 May 2021 13:19:36 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoZCUoPUf4GuGJ1l6xXhpzw39gJipo79grD2OlpVZIBRqBqlJBE9e2ngZr2enAxghTMEpaLpN7X3O2o6toPqEHvYl7F3w&google_hm=94a06784895f4b46675d815a
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame CD04
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOncd3MKQlD05XSUr4aBvW4&google_cver=1&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE5NjY0MzU3MzY2NTI5MzIwMA%3D%3D&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE5NjY0MzU3MzY2NTI5MzIwMA%3D%3D&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE5NjY0MzU3MzY2NTI5MzIwMA%3D%3D&google_push=AQvitUJ5OCAm1csay3loAV62B14OHsjyfUM0bDWihFcOEm3oFsqNFIskNUA2ccVUIEEIDd1jmkJJRqz_CpL4aY5mPbaONRj2NTk
date
Thu, 20 May 2021 13:19:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame CD04 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXLC6ZMsohVhBHEtRC9XnXz0K_mROD1dtyALuKlt_LUFo5Ejv7d6pHB3b2D1wnX9WbrF9R
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382086&pi=t.ma~as.9839216272&w=336&fwrn=3&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774225&bpp=5&bdt=110&idt=396&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=592089535&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=9272&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=182982000%2C31060840&oid=3&pvsid=2977816920370423&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.us4h5ogp8qus&btvi=1&fsb=1&dtd=413
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 5BD7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b46c63400ba0334576d697fd78ddc26ca60d177cc78b05b3658292ba655f67a8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4045 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
569
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
0a2b878b6800004edf3011c000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QC1EzfWb1naihcA09MhdiW5Sd%2FDvp0NwQF0GR%2FLEO0GpDn9NxCySAETkS2MS1Pjul1z3SvsQ%2FBGm6o67yrJWnJr8e06%2F6MsDTI1hHrBp7w1TennDw8vAdsTrCRqTnbIGHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
6525db8bd8e34edf-FRA
log_event
www.youtube.com/youtubei/v1/ Frame FE17 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/uozZOzXSBi4?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
X-YouTube-Client-Version
1.20210517.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtMUlNmXzdKQkp5MCjlw5mFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621516773747&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKpqOXgZDv5gCE5_HROpZmrc4uNs2zP8z0eUIdxJwo3gTUfj3OSrd5PJVH7D8L9LkU5FwSJokLD6MG8t8BdPc0IUPmVY0w

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F383 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afa2e2dd93902815a71f3a23ff1a688f6c89b711646da9d26ec57115167bfcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8210
x-xss-protection
0
frame.html
ad4m.at/ Frame 854B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 20 May 2021 14:19:37 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2391822
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a2b878e1f00001f2d4309c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fBP9ONPVzrENwU6RMI1dwemhZReKhKGdv5aFHNqr1gEu2KAALsOkm5MQNaSx2FFv28SQL8NvWYBITgMYqikkL8Q4TvQi%2FQ7%2FbJ7T84YR29X11et9"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db9039af1f2d-FRA
content-encoding
br
visit.js
tps.doubleverify.com/ Frame A91B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTauacd2hg4gf%60273572_22f7%60bh5bah653a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1882&ddur=9&uid=1621516776447648&jsCallback=dvCallback_1621516776447694&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1378&tgjsver=1378&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=24&brh=2&dvp_epl=261&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.correiodopovo.com.br/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0jZB6lo92cduQd2kJl6TN71&DVP_DBM_1=1861733&DVP_DBM_2=18245953&DVP_DBM_3=47028839&DVP_DBM_4=332552067&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=30617691154&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=25291369.453798078&dvp_tukv=1939582106.5859442&dvp_uuid=3025196.82495262&dvp_strhd=0.7800012826919556&dvpx_strhd=0.7800012826919556&dvp_tuid=316003551574&dvp_vcms=44&dvp_slmsd=241&dvp_vcmsd=285
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e917a397ab38a9f921fc4c9edc85efec8eff9896034d762898457e61d109a550

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/19/2021 1:19:37 PM
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F383 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:36 GMT
visit.js
tps.doubleverify.com/ Frame 1595 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%40CC6%3A%405%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTauacd2hg4gf%60273572_22f7%60bh5bah653a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1882&ddur=9&uid=1621516776534875&jsCallback=dvCallback_1621516776534321&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1378&tgjsver=1378&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=24&brh=2&dvp_epl=261&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&crt=117573815&btreg=315865137&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=25291369.453798078&dvp_tukv=51755022269.91464&dvp_uuid=1381926523812.5344&dvp_strhd=0.3350004553794861&dvpx_strhd=0.3350004553794861&dvp_tuid=927657084626&dvp_vcms=10&dvp_slmsd=273&dvp_vcmsd=283
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
65fe793cb53125b1e7a64994c1611a5b172b14187daae2f13b3d69f652ac124d

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
5/19/2021 1:19:37 PM
sodar
pagead2.googlesyndication.com/getconfig/ Frame 475A 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cac9fabd6f802244da4a2c68c48005162433f6a89df5f315b137f3886e809b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7762
x-xss-protection
0
frame.html
ad4mat.net/ Frame C8C2 		1 KB
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:36 GMT
content-type
text/html
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
571
cf-request-id
0a2b878e2100004a858b8a6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jgpKz9TJY9CZhnwDYNMdo4tmxKnffuvtAR%2FkqX%2FhP8uKcOyZM1wiukTcZsW8vypxyvaGCl2VE%2BaQwERq0mP8PM%2FcpnmpRqn3LT0Qy4x1Tc%2Fe0qtySCmp"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db903f764a85-FRA
content-encoding
br
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0E66 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1acbff229c00a2ef2e12fbdb8277152bb49e5027973e39b14bd22f66a180762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7656
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AEFC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2_KP5mGmYPTfEM2KjuwPgNC_qAcAAAAAOAHgBAI&bg=!4eKl4qbNAAZ7hX_Ue4U7ACkAdvg8WrXJwgyYJHUV5qUjKyd1d5i5Cbuzb6WiCYCdvcY0P1OV_qcjeAIAAAPAUgAAAHtoAQcKANqSGEmhXYgoBqZn7MolC8nYxqrPvbyDcWJ4KMbQAVIaJgEmGEf6Ke2TahY488kw40p7FKKRW-dOwKRjYRiLi4PK-4GmAxIDEgXTVLpufIbHJyjsHYT2MQYMWWePJHYJPSOVFF1mQMr-xkcWHNW4gZMv98-J9qTYv5eoLkKn6ZHOZoyDOcdmhGN9CEaIo-SNfCXfs4HbiINV6i_CPOGoL6_CnfcQhnPqMsmU-0NQiXs0oXmF0EPZ0HiD4Thd0_htzDddby9vP7LSBY_6y7jPH8IwoRvD54ReqRE16pkCqgjUfrkpteTq_sOeaX-dp73_mOhutAJeNauSZXe1nkrpXXHa3OFPZdKr-LSohKbesyk3K7rN5lIXZ6i23Ursva13Rb3fPdRzuJhpYeZLjQn7jQlV2_SfqyWGZdZS91z0jr4_wBa6C0vOb2wpUgXh0NGBFUoLeIgpvhSjHSmgT1d8T_fKRWdT43OmKMlODjCSjk_WkLmtX0ObntrSCaZEbOCCEksfMWRjf9Qf7sOOyCp9zBnpq_ObbGQFq0CcCR3ETFG2VpXFlo-wvuEjzu1wJ3AxBcUdfMQ_hLYG4SmTcokV8g0PSHiMU3z554F8PN_BM9H98zCH6ntDhbx0y6uD_rdOFFusuMWZybDhizYkcz9CjPySgODWt1Tv-qozeO2uu84LF0WeDv2fXmhTIAzVLSj5iQ3cwigQYzmk-hl2LSKv_2dLnsRUBV48bhmzQaIChmyK7ClEk1GeoV0hJRbqojaVe6QrquHTf87o6MUT127KLZjDroHdfQt1nxppBB_BMIbcdiKCh0hYsyAZ_4UOyFjjQ3BNkmHaKKfCQtzUQ3fDgurFn72QV5iXOq4ok3jW2KV1K7j5NqICBVGo-YYIMbLzFg4Z7rUo3pnR8Q4Gb10CN6X9GT71OLhg8DIfuoPH8HKOy4L0EWDJ2fZ0i1YhuMdeqR09f4U6iV4sOxjEKv3kTCyKAYfAtLyvb5fwosRuiha73SUBPGFQ_5aBNpSiabFuglgUIYahAOWSUj7DMbdHzYDfVTPZxNsDxizIpZIFmHy9lX5PkCkN0q9MrfJs-L7X8neenzh-ywYda0n3wFqVrSNIFC23WwQvcvpNhrOSTT_CW8wAvAFBeL7HdvJKbVJppSvhwAWOynIasc3idWrY086Ng7uRjLNhYeIGHur00ljekCGIO5J-rmc
Requested by
Host: 245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
URL: https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
pagead2.googlesyndication.com/bg/ Frame 7B3F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqM-SLf9DiRkdYr6mfBBlocjM-gQZqw7kKSrrObPMLw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 06:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
23386
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5784
x-xss-protection
0
expires
Fri, 20 May 2022 06:49:50 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 464A 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381805&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621516774232&bpp=4&bdt=111&idt=316&shv=r20210517&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3Dbc7a330b878a369f-228fe6db1ac8004b%3AT%3D1621516773%3AS%3DALNI_MaoLn02g6NrTi4MjF15dtKEUILKnQ&correlator=2101811417430&rume=1&frm=23&ife=5&pv=1&ga_vid=1256743437.1621516772&ga_sid=1621516775&ga_hid=1844063362&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8764&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=31060945%2C21066613%2C21066615&oid=3&pvsid=4495768851889684&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d3y0sc9dpyeu&btvi=1&fsb=1&dtd=335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
39d26fa66a5793471f07832b26d49f23b79200c18eea532a805f3296001f7c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 12:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20934
x-xss-protection
0
server
cafe
etag
9203992620104793704
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 13:57:07 GMT
frame.html
ad4mat.net/ Frame 2A71 		1 KB
944 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-type
text/html
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
572
cf-request-id
0a2b878e2300004a8575313000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jMMC80AfwuAB1CFqRoxNKFwJROMONcERblteqMpO7Jw7YDFd0TXa7TNu2NkwjQp8B4mqWomAVssRx7pLNfW7%2FUyTiMeup9EaGZrwDaO55PDgjhMPzQU8"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db903f7a4a85-FRA
content-encoding
br
frame.html
ad4mat.net/ Frame FA21 		1 KB
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-type
text/html
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
572
cf-request-id
0a2b878e2600004a85779af000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZpU65QAImowTwnVp8JvaWlfF9UKrzy5cvhWyn4tWCTewphAzuwPd%2BOJ7DW5KjjzC1uGqIW58FEp9a0b6RGJKzF7D8PBAxQYEaW2BRGecj%2F3BZpB%2BaKmP"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db903f7d4a85-FRA
content-encoding
br
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F59 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrRcF5mGmYLyxEJaPrASV4JG4AgAAAAA4AeAEAg&bg=!VFelVxPNAAZ7hX_Ue4U7ACkAdvg8WsjRNF4cfAd8GEWnF-85uy5Zf-cJv_-xV3Etj7b4CZ8TAug-aQIAAAOfUgAAAFhoAQeZApIirgxLOnmFQ5NCB_ObItvsXcaokK6NOieSe5Ks6SjKgRg8tQr0DxadQjZDkIjBD_9PzQNFmhaL9JZCOE-5Cs21VOBU8eiTTnUNE1eQD6mi1tEyjEFLx4OZLqWiBxx2MP1nwF-H2HQkACLrwEa3j19vv-d7S3r28SG9Y1to5I6E_54-8DrWYFz9FJPPZP6RaolX0gb4iwfSkr65AJSTZPu3FXJGUraCcHc0-wly_ty2tfsgWTlp2kAW9Zri-ljZ9e06w7kdIJFbBfi6a1mLjm7jWGAWhsNO3GkrTAtjO-hYgVTZth0LopaW9PD2A0iXoSCEeIw9Y_adx2GPY9g0pfv-HKzHxMK8X6OLeOstCbrNhoheDmf-BOklIJFiuVOBRKpRQcLQNrGrqHMx9m8NMIDYtnGubv3TJlTwESUn8Aw1x58sNdDA5V_EJl1KvUOZa2Ynqtrkv9ykVVUUBfVZaPIkrZllrzTMdmLN9elYm-XvxEt7N3CYw2xF94vqWFU-Nd3I2u4D-E9wW84nuPzT9PELpJ5mhoNwfgAW_M9-qFBI4zM0SxlagGs6YuxIkX7sLLTBoCPXfUou2UM3dSvYdlEK7tvZCMI8yeAK3h1THg2ckjW5BeWasj02RL4WUGBb-EhrG79F62YYGGTjoQhDNbFx4Qokml6UhZTl6zdrO0YNubog9lY0Jw7pnKGy3KlSrsU8m0hl9FX6FaJ2lYaLHoqqOSFBq231ldZ9wRiUwcnnygqheWz7JsqYUA9EXWjYlSjfHyh5u9A8hurSGp-B28pg9d_knIrvWKVVbR24hly78g_tTsM1LnqHXuj5SSwEMGf-Alf1VtbOg2jfcZDeRF3xxo8RvPVho6CeF1hAyQ9otU0A
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A25E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_izl5mGmYNHcELGDlQfJsbaYBAAAAAA4AeAEAg&bg=!MDOlM3fNAAZ7hX_Ue4U7ACkAdvg8WiR5cYc1FohSljgfXT6I4eNZIX-FMUnlCbqXp2iN5UQLcGFn3QIAAAODUgAAAFdoAQeZAqtP1d9OUZy62KIi38omF_SDrybtWHtJFORCa2aqzCmyRF7ihrL4X9CbxKFLCYqXEdCT56LboJCkUsctZ96i0vmkdf4nUxb9-GOu2mR5AzpMB8L3wO-lNo7qMsqeeZTDGzzW9f67WEJazQt1zdx5Yw9ETgMN2evg0S_V1q8tdBqWrRQaoSkqAmXqn6KUJ62GArF2R6JNYxXUYim3tS42pIeeKlgyetxf6gHgtThV5yi4AmMhcuKrNs6x6l4IQkcxItwOJEqMkD7bMkfFdBOu382eO0DoAKNs9m0eQNK6KSdCfMQrqCqnPNRbtfG1hmgF-BrUTxv-QSs5of6pLoXrMQTuT9an3B6515Fn_9FG4Gia2if6R9vVapkbv5KBjp9AcoqR0seOhKs0NP21BdgZjDWWEh9HVxX7C3f9xDJpmJiuWRX87bB9EkIi-FaKRFaJusDPy7xo_D968EJrGjNs5LwHOfWD_apOS5Td26d3uybmEW793gMmWIbRvxz-jQNWHPOhlsubIo0GU_GEd9L_NXx4yVQunNBjE2N1FnF9qGL0XHmPlC8awgEgD9DUj_SL_PITRcx6JS4ta1ThOYYICtHYOXsghJ4kuTCnXXtDbNQuZr9rujHRvT993ULlEBCCA38cn8POl1CU5Nr7eWHhP1wsGCPjENJRAlTtA47m7S_7L91P6SmFTaGFyGofywk0Q5L2WW02gKwpkIvDDQesrjTL45toqtR5ziEybJaOPRyroVWVpeXDD7-kHOLznqvlk7mKEfTDrA1-mwi4ne-99yVguJmKZPHECs3obozWNcf0vYYIaFe8aG8VCpS1A-snqKkwB7Ab7YB6NdLBGaUJ9J1sO6kzcbGZHKYIff-EjzN8yDSztrDb3SPMcjPStVxqpDMpoJlAbhC7kePX9g
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4D5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMLKy5mGmYNvHEtar3gPHwYIYAAAAADgB4AQC&bg=!JySlJGDNAAZ7hX_Ue4U7ACkAdvg8WhoQTuawAkYX5Cb1bRecesjKIeHL6gjAoulY7gqnKPzh4p6RZwIAAAPNUgAAAC1oAQcKAIAqh_yL3rUJteESqLvvSyzhCvcMw1-NWjIqaSltJ2Bs-CtKOFkS2-SMROangt5WHQw9liGaj7FxIDIdsSeojAqL2EOZ7mJvClwvP56Du_TJNoX96WwzeXRUledX_D8pfYqbcwhQGmKhQyRZEnAwRG0AAMgSqZgWfKydHhrlEkv5VpkCnoIMM0oYsflHPfYGHAJCcMdGrm33WcwVHazpY4DeNOrJVcIzxU5axjO5QAzmyhZrndC5fDTBt09PT_08sXqvcE19yX8iGoAGMcdZ0Jzspw3SOP68uXWq6lpDGiPoEBzCxe98lgAIHU03HHKlfC-Wr1X8JiiRxRNn6nAVeUkVaLB9fEgux89x0kSnNOl-5POz7vD8B9A6K11RW5JgAXnxw-D8r3yM6OKVJBAYMrM4PqGTGAS0OqCEuV8NPgTEMrxoLKi2hVWu-j1pVVlbu0RNNMtmsqJt-oXSdLlGwh7a9WZOsBj3wtPFXqRTmc1g0nmBOclM9Ned7cHIl0c6sVubjTuboiJUhqD5JWKfVwmlH3xjHixEkLZUw3v2vU74CFpwlE8RO7by26OBMSMnWxZxuEdAon1_e5oAY9VM8oJudFoJ7IUvuWpXv3c0CHOMCPrq5BkrzRZCqSWaIPvBcT-kyXFzGCrs13lkZENq5XYkY8H4xFyv7LnJCMOMHTTvc6Mb3_Xr7_5KttzBKcJtk58GmDM3m-3YbwDvonQTAWx1ebGEJ5RwctjqwrQGh5xwxumhIVtAFowsHBbr_miQ6D0HdMHhrzIFr8pta4ovT_rA6qa_rhHQTZSe_rniX9ff8C2JyQA1MgtlMVUDQmGihpZN3yC_ibtvDO1qjFA8JbgjgQ8e44vLIVhSA6puUOcEDCYzDrwqV2TvkFGlwYA7tFCsrkOyuZBowR6PmmFUwA29y8x91apFN4Pd55mNgvwFzo7mzOeGTE6nar3Ako2nDFNYjJLy8GGoj4u8qnJ4hquazzefldpPrW-RX4Z8gtOgZPuRgugQv0Gt4bah9oHfa-Lk1XFRqUxAetXekUMNRWJwgIoYs2Z6eLMuYnpai1_oHD4
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 475A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0E66 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 77E6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 464A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kowx80oa&chm=1&ctx=2&gqid=5mGmYJ--Oa6xtOUPspaksAE&qqid=CMz3-Nqs2PACFZsRrQYdYT4Kug&met.4=fb.3~lb.5o~cmrload.bv~ol.vh~bdt.-13z~bpp.-10s~idt.-s4~dtd.-rl~dt.-10w&met.3=735.9q_1~113.15v_4~112.15u_5&met.1=1.kowx7zig~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0&met.7=CCEQBBgBIAQoBDAxOC5oBHAxeBGwAQG4AQM~CBsQBCAEOBI~CBsQBSAFOCA~CBwQChgBIAUoBTAMOAdoBXALeLIKgAGXCogB0ROwAQG4AQM~CBwQBRgBIAYoBjAOOAloB3AOeO0FgAHUBYgBlgmwAQG4AQM~CCoQChgBIAYoBjAZOBM~CBwQChgBIAYoBjANOAdoB3AMeJAsgAH1K4gB-mWwAQG4AQM~CCgQChgBII4JKI4JMNwJOE1ojwlw1wl4yqQBgAHGowGIAZWxA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:402::78 Sewanee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C660 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 626A 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
81d048ee35d78885f47c7812da0dad2fcac3d5dacd96c33e66e9b5720f8726d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tQ3/Zn/lnKwtk5XdkT6/rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Thu, 20 May 2021 13:19:37 GMT
date
Thu, 20 May 2021 13:19:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-tQ3/Zn/lnKwtk5XdkT6/rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9447 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A418 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aa258e219c8bf5751afcfe73c1b88e29aa336aae2495ce4d9f5ce2097b4951a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9PeIHyZ8QHXkxh+MYx8khQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Thu, 20 May 2021 13:19:37 GMT
date
Thu, 20 May 2021 13:19:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9PeIHyZ8QHXkxh+MYx8khQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31545&async=1&visit=m&tmstp=2216440575&tag=sas_31545&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
4be684be0cbd259eb324512dd2ca44145e01bcc944eeae2155ba731be8886727

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:36 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b22%3b116
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10181673
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame A356 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d86ab98d72507329a569234e06f680d4c24d6174388faf8ab2c7b9c6102f5e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7688
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5BD7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWXk8OLwgY7n-TEydCjm6EkFso4LTnqzddm-AKxa9K7mJhXpYw_XOyvzrZQqYrLhseLkD7xBKxYzgYD9rwgWk&sig=Cg0ArKJSzGWXa8zRACAPEAE&id=lidar2&mcvt=1049&p=0,0,90,728&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3217452924&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5BD7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseStiCXsSaXpFi4UmFOz6p87cx4Jp7NftikbcZT_0JgzWezb4tQDBTj-dglaoFuDFQ116QZDD0E4cIVtb040lBKPChjjmj39M4bKOlnqT0Vf4keAO2VQLCmghS-w&sai=AMfl-YSZaHxcwIuYnB05wf0P4GXwB6YKn5zOBO54_GzLS37qUQDZNXV3QypnRpqETM-jliBfhH51tZq1dpPKT7NB-8DZaUSLWG70mzvRzFL5kTorb0wJZs0tMaKyDP76bsfR&sig=Cg0ArKJSzPw5XgbG2Xg7EAE&cid=CAASPeRo3g8jddz4zEhOwyNZAL1LxL1s2fzzBLArwmpa13eV-VCPqXO6YwfBObxyrAezzpkF3DU3rwcHti9GjC8&id=lidar2&mcvt=1052&p=1110,436,1204,1164&mtos=0,1052,1052,1052,1052&tos=0,1052,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1743014972&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621516774046&dlt=87&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A356 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:37 GMT
bsevent.gif
tps20511.doubleverify.com/ Frame 5BD7 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=1352d7f2114b4f1db6cf92bc004620cc&pltfrm=Linux%20x86_64&cbust=1621516777442139
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:37 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/19/2021 1:19:37 PM
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 77E6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
frame.html
ad4mat.net/ Frame 2EC1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
content-type
text/html
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
572
cf-request-id
0a2b87900200004edf69131000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GCCBM92TyJEPtuAArtRUct9D4SOXfUyKCXaSn9gi1PENkM3Bv4rrMw8HnUrxo3mUZZe3s3VpRP%2FAlidd71rz%2Fobhx029MZTu2eQfmRw5FqarOmVfTHLP"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525db933df84edf-FRA
content-encoding
br
AL002221-BANNER-CORREIO-DO-POVO-970-x-250ox_(1)_f440cfd7-3a90-4555-895d-b458a1b52e9d.gif
creatives.sascdn.com/diff/1320/10181673/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10181673/AL002221-BANNER-CORREIO-DO-POVO-970-x-250ox_(1)_f440cfd7-3a90-4555-895d-b458a1b52e9d.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ee668ae90a3edf6f9b16833ea1025f3d7c10bb88e69417a6690325a8cd0c60a1

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 13:19:37 GMT
Last-Modified
Thu, 13 May 2021 15:14:13 GMT
Server
AkamaiNetStorage
ETag
"d2503969c28240a40d053068f5478c9b:1620918853.274513"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35931
Expires
Fri, 20 May 2022 13:19:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 76AB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E5EB 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3731214648827ccda1150b21e10f5ff1815e0371cf902546b1f78a535e3e4ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-51w2SS2ZUuy5UTK4cMWkeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Thu, 20 May 2021 13:19:37 GMT
date
Thu, 20 May 2021 13:19:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-51w2SS2ZUuy5UTK4cMWkeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame C660 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 9447 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 76AB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12628
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BROO-52GmYJKvLf_I7_UPou6isAUAAAAAOAHgBAI&bg=!CgmlCU3NAAZ7hX_Ue4U7ACkAdvg8WmvKGDFyGCA_LXFSFjgf5yFAG7Z_o_pCIrQnsfWybcNVx73pswIAAATqUgAAAK1oAQcKAK2d3LTx2_kFWfNvBvU_7rwSxzBNVS-vSyYTugYRfFNXM-ibylhd9hRXsILc59ICTD3ivrUYBlHeMwcpRoSyKjGCcn7pLpsIanis9W51_vwY0vkv3LMSpXsCl0Z2NBczJ1aFtHRPaxiaOhzk-3ZU6Qt5UpdkQDSs1DSkjj_D-hMMOeJG49aQ1cgsHN3OeRT5uq00SBpYHqZGrK0aMgx4cnRyMQgUp7yVnzD1LKaaZ5kCl8QT4mGr7UwbtegLbIzgjevTkhHxTv_aYUnK0-Ce131M3uElMvO3Jav1VohGQaBBVopKmxooHvsJg0PHo2kOVLnQXLkVDRMGQAG5UFJMK6EgtFjgjgHMok9snNyucexI3972zbitrTBh2-JDrXqN3SIjNMvHOM8qTvmCFzt27lMppeh9EX2PsfZp8SDzgFgfSUkbHyYzbckPMqfxiAtmnhQvJKilSHzyAoh41hpDSWiM0khYIBY4-R1QhgHdAEwKzoRAL49G5j9IhDJ6gUTh8Yb4Isd453GKOI4o7xAYIoO1PDX8wSR4L5VvOv9aY0r7bz2P8CCgXWg5bs4KL-TLDi4MWUtis8tYXSDJYzpMQOeXkHMq3_7FB7Z8NzATP6KCutt9xpXcD8S8avAA6yUeg2g-3LS7C-G1jvF50STQymPrZvug4wXIA7cQyRgAkQBYD7PZedzXhumY0IJUQ4mQgnsT186zJanBb6llD5WwlAqGzOJkH7UmLm4jgMy26gZLEqUraW5wAPPuswSkU_xaeWs82pOB0TMlvU4eejKKbKwS_xwCF-Fmr_QXN9KBcyELvZU_JLBqDkeaYpQN5nZU6EwXHFHQ6CseZW1QnLdyh-uSE6bQ0dAGEy8s69bvH83F1ITmSKNWLxRY-eY3JO2ijnIuWWzIsn6nb0SCrZsB5xqlKTwUgZ3sTx0PeSou3zCtoUvO4rAKsKS8Ul5JxVNqIwZzuFQlsyB_7jvTaHP5p0KWH0U3_EpMtExdZQcGlAO2-rkPkTMcnafwAL510ZakNkAbEFM6BH_1ztkvsxGHY8lFyKnkKIQ5qRVfnfGZME0YvocysnP0Op1muCTDrqLz7-vqkKGIZ1xjrI75dXeKxFa0t5aWhHBIlA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
action
www5.smartadserver.com/track/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www5.smartadserver.com/track/action?sid=1621516777482&pid=541023&iid=10181673&cid=26773146&key=viewcount&ts=1621516777482
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:37 GMT
transfer-encoding
chunked
content-type
image/gif
coronavirus.png
vacina.saude.rs.gov.br/img/ Frame D6C4 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vacina.saude.rs.gov.br/img/coronavirus.png
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
last-modified
Mon, 16 Mar 2020 17:04:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15dfd-5a0fbcee37b55"
content-type
image/png
accept-ranges
bytes
content-length
89597
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5292 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fdf8c93dbee14684faf70411833e92b9a084331f198cd5539ac2c6633283993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
jquery.min.js
vacina.saude.rs.gov.br/vendor/jquery/ Frame D6C4 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15851-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
39406
bootstrap.bundle.min.js
vacina.saude.rs.gov.br/vendor/bootstrap/js/ Frame D6C4 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1332b-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30152
jquery.easing.min.js
vacina.saude.rs.gov.br/vendor/jquery-easing/ Frame D6C4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery-easing/jquery.easing.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"9e4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1070
sb-admin-2.js
vacina.saude.rs.gov.br/js/ Frame D6C4 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/js/sb-admin-2.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"5d4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
822
Chart.min.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/ Frame D6C4 		169 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/Chart.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"2a415-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
utils.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/ Frame D6C4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/utils.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"cf6-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1712
chartjs-plugin-datalabels@0.7.0
cdn.jsdelivr.net/npm/ Frame D6C4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@0.7.0
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7302485
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
5360
etag
W/"330e-MyjMkC7/nYxBFRP/V6SaLPi/qfE"
x-served-by
cache-fra19132-FRA, cache-hhn4080-HHN
date
Thu, 20 May 2021 13:19:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.dataTables.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame D6C4 		80 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/jquery.dataTables.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"141eb-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
35900
dataTables.buttons.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame D6C4 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/dataTables.buttons.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
2924161
content-length
6431
cf-request-id
0a2b87963800004eaf4926f000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"11209f0-4c4c-5bf86f30573cc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525db9d19934eaf-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 16 Apr 2022 17:03:38 GMT
buttons.flash.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame D6C4 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.flash.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
2393510
content-length
6819
cf-request-id
0a2b87963800004eaf9a2df000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"11220fa-6677-5bf86f3056fe4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525db9d19b64eaf-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Fri, 22 Apr 2022 20:27:49 GMT
jszip.min.js
cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/ Frame D6C4 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5052862
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26506
cf-request-id
0a2b87961d0000c2725b333000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-18e33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bCVF9sNIWHr%2FZOH4WZ1x%2Fs50QpoIpOEfCuVWDxCt8YGkH8yT%2FCtHXjIEACqwhVYEbn9Rvlbu1N7vKlppU%2BIEbIAgF4W1BbqPOE30FXwRySzZKy%2FKXkkkhlHqIEY54pwzKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6525db9cfb13c272-FRA
expires
Tue, 10 May 2022 13:19:39 GMT
pdfmake.min.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame D6C4 		1 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5050699
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
344327
cf-request-id
0a2b8796280000c272a79fb000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-10af19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4EB8t8cApPBEZRJR12MDD8CiE6t3Y%2FUy7%2Bt%2FuyfrVt%2FUsOpyKNA62hZk%2B1HtAFVr8SNQBioT6ZtniBa3e1kTccJKib3lEL6MI%2FVV%2BUUrPfgis7nd9h2EIISs4Zcf1TKsZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6525db9d0b36c272-FRA
expires
Tue, 10 May 2022 13:19:39 GMT
vfs_fonts.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame D6C4 		905 KB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5041192
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
315755
cf-request-id
0a2b879630000005ccd785e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-e2214"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U9hEIPJye8%2FFCDJbRDiTCVf1G9S25sUy1ZIJvzqedv3q7bPnei7xWkWpHbOFM803Bc5vZoP%2FBrxCslYJowbSNC5h6qqClNMOIJO1udsiP6i3xK6W5d2LbSI1aZozRBkh5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6525db9d1a7505cc-FRA
expires
Tue, 10 May 2022 13:19:39 GMT
buttons.html5.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame D6C4 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.html5.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
3045830
content-length
6608
cf-request-id
0a2b87963800004eaf800ca000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"1122102-60be-5bf86f3056fe4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525db9d19b84eaf-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Fri, 15 Apr 2022 07:15:48 GMT
buttons.print.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame D6C4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.print.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
2922062
content-length
1160
cf-request-id
0a2b87965300004eaf2493d000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"1122101-8fe-5bf86f30573cc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525db9d4a1f4eaf-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 16 Apr 2022 17:38:37 GMT
dataTables.bootstrap4.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame D6C4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:38 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"825-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1369
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame D6C4 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1275056
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6451
cf-request-id
0a2b879651000005cce4b4b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lVSWb7Yh7Z2YeaC3UgS5rToHwiBSEhF3%2BtrWTqkwr%2FHKWhKZx8qycEG%2BvV2pztrP1f%2FaM1KX9TWQ9cVxWV337btxFOIMJ9%2Bd170Gb70COMh%2FZZjs0LHKMcCeitZNU7cDfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6525db9d4ae405cc-FRA
expires
Tue, 10 May 2022 13:19:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5292 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F383 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2379931329817778&bg=!xMelx4PNAAZ7hX_Ue4U7ACkAdvg8Wrpej3LvwTuhayiak8vXc9U6tWXdPdS09rEOLWYv_kwfqSnwUgIAAAS1UgAAAHpoAQcKALpox-4ql6K1xMZ96mNk-UXD7565f5Rz75WcC_LqSrXioLdTk4IccqgHVUJ4jJimTtjnB28IDHjy7H1NMmR0QsnjbUT8-AeOrICG7nGWJKRoDLgqaU0OaGEqjAHZVDZIuIdUCZKWhTVPnjhA7UOQ46WTpjqTY0qWUlxPp7ydCGazkkbcJExARnDkhMVJjvCNuYW-JcQvy7cBZ4qsYPxpGebE3j24DYCEvB6FmGzhPnlYswdjjCTA2o-BDtqZAm0SuIb1ExBUL4IvtX3Uof1VxneZ4pNE7LfH2CMQoOFqzieNfl6sr0_yrzR4pJbVGkK6r9cEBi65EGgSSZreJoE6cemg6o2Cv2FxGlAtnO0QWGDYt0PVbmJ3VbZWjYMACIk-mKvhK7jpF1_bsr6F3v_R6w3QbK_A2mlxABXGKbfTS7NpnYaLMKZw-nNiot2WLToVk3gDF9N8wUn01uxRH53j0KMBkM1ArC1sSawUkMMRkIZbFyXYXB4_qIHX_NtuYkYduqTl4zpBj28ZW2eMxIAhgGMLGjDv-BXOC5WsS-CZ1Bm8uE-VLPAyPgZ9j1iooh9ywQvjHVADVJ0xLjlue1JCiQSLyCD2sPUwZBOr_JInCsjo97uT86raWQeqPl2R_zn3n4Wd3WaaQ0Ngd3trFwNayKW9xA6NKpMUrkqgIKv471hQp6oC8HuhK_yaqHEuUVDycafj0QTASLiRx44VkWl3eSJQKG7dOWOiLvTRzIsYG6DCYjH4RcB5NnrkprzEUa4sT2vV9z4mmrBgDU5qQeu55e_GybL98FrRHgnoxcdi0vnJcA2lxI1BARaxvDjDk_OinLeaMrGq1M7weWgiBfbJZgsS5F0pp-xlV-OgL65zDthkrA5RqUfHRGjOG-13qVW1pb6TpvWywYmCAwNtygbO8lM8GzEoAeXw8_IXf165AtVZ-kxdjHpRmAfty2ATcrOSwpLn1UfsgvK1yARz4YWSgLWRYz-aon1pYdj3B22zlkLOK6CkWePOJSQVfagMGXU5iLDHztHnYXOvhuAqasDcSyM8yzxDqTs8-SYXBQtxtM95OPhu8vcaI8WB-4Y
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 45E8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
40
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E66 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=4495768851889684&bg=!zc6lzorNAAZ7hX_Ue4U7ACkAdvg8WtEEwgeYG7ez8T85kqhLtLxcVY2UU1eOT4brZZP5Tui6jgeWIQIAAARyUgAAAGNoAQcKABl8Zu88EdRi5YIyKvvvt2aP06JcHKisPhwymQJxmIIM4-8FHZzNXkabobBHYtQoW44SlU_yZJH0iH48TKlGj22tRXl52DAAXmca4RXGGfJMqPBkv-5GQiMz75VBxdKnleWyqcpLTg-h_8tvs4nGW48QUyPBkCN5cqLpVZt-RNqX3GICAxRLUwZTllYZeOYmhlidbbcFdbFqIDYfOMMBfhyzcMu7LBQguqy129gbAxqgvgSVBN4Tt41HlKN8ghkCkaY2UJAqMQEI_OYCs3TGTFokWW8w27B4e0Z4bjA_3Vdzhv6isVgoBfeM23Mj2dv2Lpuu7Bh-mqjvCsmXOkQL8bOd99WyhGUFOkfocOdrMHt6uGPoG79HVKym_Yot0PrmiEfC9-dszIduwD2DJ6Vl24YaE-kWVO4fq4HbZNpYJ5_1ou9H5vDd5FWpDIj9LyGDNpHjGVOvK5Wnk1zUhVPe9IUMHiYVUy6kFMf1qK5RlpZ2YapUKYm7i6S_34PcH32LabbCygMiJ-BOwV_-RmdwFyodhfV4oCbaUYx134kmZTcMAV3qi5biOKNO_m2SKC_ITrF9h8K4xo3jonRZp3-R8eLh3URKXtpNxneCSt3IXwlJUJpYgupzQczYNViGpBekItp04C2yox9o3mPbFFFveOaYo-pgk3Ptudmu6SzYSYnHb-N-1rA2Jczl0npz_wZ_sZuAZfoRR_AXu9LYwEMQNGACdIcRTdOt5fIO1nYQsZt6jR8IvincC4-6cxTzAuh1JsSiB9bkbRhRcBj6CBIrrDHc96GuAyUNlSo4mpyXguSubOiLdn7-_GkCCwMamdE_ASdtA3jhu335lbu0JB7t2QgjNqgjcZNTXQFGKwS4uA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20241.doubleverify.com/ Frame A91B 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20241.doubleverify.com/event.png?impid=668a679e6f0442f3a44ef05714fa0d1a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=185&vdur=641&eoid=5&msrjs=1378&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1621516779227611
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:39 PM
gen_204
pagead2.googlesyndication.com/pagead/ Frame 475A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=969987549450629&bg=!1Nel15PNAAZ7hX_Ue4U7ACkAdvg8WtbVtFvksBpyKbcLwwUYi-Wui2qxDmZ-gbjuAkJJBHB_ShnojwIAAAUTUgAAAFBoAQeZAmqZe9EUrHHceFpt33Qd6tIEKbpse5ZARTRLcDSUsrN4ji1gILEfIdsppqCrAy8DpVWKoBan635u_q9GR0SkG3qEdXRB36AgOtH5lnri-fObhIZDOQIEwIv_Hxy_yIiYJT34cSQuTJjF9P7OIU7Y6oxSmkd0-9LkRPh6CJWzNFejh0NRhRQGvrUSwiWAJP0uk2ldx5JR8G6j4xOtJayqS-l-VrOC3BMDZDOepUYJkgiqZoBN7qJzcSfz0TjF97zEoh1kfz7YW_SfexQ5PKPEwGsWeeEpldH_OH_Jv6omv4Tl8lUNod7lyQuFCgNnNv73Ynba_vZPXF-Bfio-BgBsP1I_HP09pBmdayyVnY5MgU0Fw83dbGk_bp_lMDw0nmplLvyQZzVjSiJ3JN3lOQM4KUD6YE84rjlXXgNcU6DfvNvbvYe1DIR2FJ_igVQx3iLJALhqLKNh6bw4qssSzDlB8MsB46Zb9kJy4O_6tft1bkYKq1m_OwS1bMe_pG3pBrTBwfsXA94Lu0VNhQyAfwH7skE0IB7IiRtOyHQcUHYTZuM_nDNeI1x5N-ug-4o08PQ8jxJen2zlWyHTR4bTFGgYXb2fWsHbdWG8v9FqmwnKLZSBBE2UdIOtSMrxothNmToS-0dk2RZ3Gw89kVnv-UH7lORxR4u1s1mr3SYhgbOwRSX75nItACkr1PtUypMzE4TTG790RzqFWMVfHkzGVzti7EpMxW8yYWoawBI3uQPdXWw0X9GyQ-QS11OOv-JNLqgiL_nTrLB1sCLcmgu2lLO9rnOzTu36ukWD0Y57j3EtcbHiaIzeijFvpbTbCtk
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20226.doubleverify.com/ Frame 1595 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20226.doubleverify.com/event.png?impid=76b7e88c4dd340dab0dede5508ff7db7&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=67&vdur=608&eoid=5&msrjs=1378&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1621516779310130
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:39 PM
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame 45E8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12629
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A356 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2977816920370423&bg=!6eql6q7NAAZ7hX_Ue4U7ACkAdvg8Wlr7nqOVHwGpuPlXRUBhiUuTHdQTPV3Xc8RKtrdLu8OFMuLbOQIAAAPEUgAAAB1oAQeZAnQHaDmntgFgH1TVxvM6MzyFgSDcv3YNBHHmkTOmdT_tACEqEa5EGiCR4_tvLCLnpOg2a_MHbw5LcDVpkz75vEyqE7K0cUAV2NIs6zt4AfrFThNxaiUZyvmIQU3Yu1MN0BGD8xZWzpug4Tq4vv-7q32oYRM4UXy--att1nG0-xUfzuBDYwYTSSKxdbY07SlKWFPj5LSwkhdLh3j_QHB3C21l6z-A8l_bIb9UII704ZRIs7EcsAM-Lh4bJGJazlaYwNGcOk_7MO2ak_8Agrc9oE8dAh36npBNBA3xqFs0EaNg5HaBxIc067vxyWrLBFqYFuITM8EQ_i8HJwQKQOBUT4GJivUudD3JjqjhWBiLr3py7R-0-yGYtjIShDG-S09c4C_fH7cwq4vKDKRbbkgeLy8JXev3LX-Wgwv6Ob92JLoXg-oyYnJM1G6tvZyqbFfml-zGj1TcKwrO6j7zv7XkugkTMCKqaGc2GzBZ_4w4Ec4Ibvcr2qnPIWDwDXo8xIja5PRrJ1upEIvPe2jVdT6qf6oqNMm8u3I8aUn2nblIHePoe1TYX4QpJwNzpIFRL-Wd3ni1txioB0yMUh54cvqb2N3X5t0zhxshQ7NRUO2DoX7QXqWm019ACJpxOP210eNscxoPPp6WTXzl74kgtzy9MG6Uzr9X7qpoK8EZbQLbs6tJ8VxtFY8NVqFeSKl8lNNIvQLauNNIY83aas2X-lb-rpX9AblC1LI74-zLOTc74rZ3NJ4La3IgNrHNY_yD3iOhJiRMjz8xVdLVzZ8409tzrZmnaCL4T11JpBQQsRVQTaWC_j1RWWcAjgv3w4-UnbscbHraLxRM
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame D6C4 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 10:03:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
age
357361
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
expires
Mon, 16 May 2022 10:03:39 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame D6C4 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 10:13:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
age
529570
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
expires
Sat, 14 May 2022 10:13:30 GMT
fa-solid-900.woff2
vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/ Frame D6C4 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
wiesbaden.procergs.com.br
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:40 GMT
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"12690-592af5a54eb00"
content-type
font/woff2
accept-ranges
bytes
content-length
75408
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame D6C4 		971 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:40 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7145
content-length
438
cf-request-id
0a2b879d2c0000c2c2d5b12000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525dba84df5c2c2-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame D6C4 		971 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7146
content-length
438
cf-request-id
0a2b879dc80000c2c2c4b38000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525dba93f9dc2c2-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame D6C4 		971 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7146
content-length
438
cf-request-id
0a2b879dca0000c2c2f1a84000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525dba94fa4c2c2-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame D6C4 		971 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7146
content-length
438
cf-request-id
0a2b879dcb0000c2c2ff023000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6525dba94faac2c2-FRA
access-control-allow-headers
origin, x-requested-with, content-type
event.png
tps20241.doubleverify.com/ Frame A91B 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20241.doubleverify.com/event.png?impid=668a679e6f0442f3a44ef05714fa0d1a&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=57&isumms=56&isvelg=1&nvr=6&isgmmims=57&isgmv4mims=57&elmtp=6&isbxdms=2901&b0=100&b11=3036&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=3136&sftb=3136&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1072&isuiabvms=1072&isgmpims=213&isgmv4dpims=1072&ispmxpms=1072&engalms=54&dvp_dpr=1&cbust=1621516781138980
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:41 PM
bsevent.gif
tps20511.doubleverify.com/ Frame 5BD7 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=1352d7f2114b4f1db6cf92bc004620cc&mascid=kowx7z9bgf5rjqeu23tuuw67exjw83d1&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=1289&cbust=1621516781154148
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
5/19/2021 1:19:41 PM
event.png
tps20226.doubleverify.com/ Frame 1595 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20226.doubleverify.com/event.png?impid=76b7e88c4dd340dab0dede5508ff7db7&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=18&isumms=17&isvelg=1&nvr=6&elmtp=3&isbxdms=2834&b0=100&b11=2962&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=3062&sftb=3062&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1123&isuiabvms=1123&ispmxpms=1123&engalms=17&dvp_dpr=1&cbust=1621516781529177
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:40 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:41 PM
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb16b8a7bf4a2c6ecc058026d46f92c95634ebba4757f58e518fd2db328723ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7810
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:01:27 GMT
content-encoding
gzip
age
76694
x-guploader-uploadid
ABg5-UzMS2fFRarTG_3txMqnml6N5oISdYq69bQOGDln7S6RoEiCoER1IJduCO_a12SotwtNHv_XRBCj-E3kUwQZA2wxlX9qbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash
crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language
en
x-goog-generation
1618847013991944
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 May 2021 16:01:27 GMT
js
www.googletagmanager.com/gtag/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c48c9fb882036442809506e1290aaec09b9186d6c38f2308dfaef31c6677437e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34305
x-xss-protection
0
last-modified
Thu, 20 May 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 May 2021 13:19:41 GMT
syncframe
gum.criteo.com/ Frame 446E 		1 B
64 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.correiodopovo.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.correiodopovo.com.br
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
private, max-age=0
expires
-1
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 13:19:41 GMT
rs
ad4m.at/ Frame 5085 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1d7709d6a501dc8008c554810810a93dbfaa07acd1aeefd4f874cb83518e027

Request headers

Referer
https://ad4m.at/ad/dr?ed=1j66kbq3sp1qqr27hdwvtpr49qr3dyzfd561qgws14458w38xbp73snzp21qbcj1a8752zf4qpfjmbntdtshgxpt534sakvk2tdf4tyk8rj8m869mpwbw33q0chs35ranwt7f7m249hggewp80rvw92fqbcxvbjy1b42z13vas0az2dew3bf99jssrqjhv4t5mgna9dz2wa514tzbrn3xgyfxavevyhv3kggyfqqaemz0gndnw5db29pw757c0n9sr4xrjr2v1pdp803keqg5s9cp1mk31ykma16baygk39cdrvqma1r3zd8bemht0h97cs4z5cjqd9303q4aggvnfb3wx4q7p7wtstjw23cktyxhscxnbrr102c7tz9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-1tg8
cf-request-id
0a2b87a07600004aa9653bb000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ugljfn%2FS2LpaWiVYMLvDBFYtm6q2SivgaRBLUhhff9LM11TxxfW7ML8wSFOQS2qKeTWzN6RfQd05bv1VxTuI2oAUVkBHDKXOl49iWFr%2FcVYKM0IV"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
6525dbad8a2a4aa9-FRA
rs
ad4m.at/ Frame 0D12 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a054b6b2b437961fec0b6af7c2b3412fdc25aa96de068b6bc43cdedb5b4d7c

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kk4fc0zpvw490v1stypcqcs28czy5fj0tytwqk016ps1bt9xj2wye12qxasf4g9bzba6ps6twh95fb91nyckpcppfjwx7dksj30tj3qe8mt64rrhnd0rpxga4n8v26rzffszrzjxbb669ne7kk28f3fr8p48vtawczwh6g5x6mvt8agv5sxn0c66kecgwmn5scjtbhbfmy28qq5ka556zn0vvzwecq3gb54m4v6tjd7ywxp4c6kweqrn8w2whbvgsspnhz6dfa3gtpp4jnea6kaccjnsq2nd9nq2gvvgdajd7b1nbrexj6kjp9vnd6ed2rk5we1j9ewferqja7sxdr5ftd3z03tz2xg6e62jd6ngx22kw5kxrmy74qg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-1tg8
cf-request-id
0a2b87a07500004aa93418e000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PbR%2FO5mcJ4emr59aqxkNJB5R3QHo5B9cn9W%2Bn%2BzCPHzop6VGBmf2x5PMdjAT1i3zrYL06PVDgddNmDyiSoatQsCjhtKtYQJI%2BaVsVsP5AXFBI4UI"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
6525dbad8a2e4aa9-FRA
rs
ad4m.at/ Frame DB5F 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c058dd833329da7261aa0ac07f9a8511ffc8996aca563b2c7408885fc3d59b

Request headers

Referer
https://ad4m.at/ad/dr?ed=1kkekt6jwyskzhnk3vnh93x0jrwghw8pwzyzgr027sfrk5ysbv4ejz70hkvwnxmt1e2abwsda40g6gh01zhjf0y4g7gvjx7ndt2vvqmrgbwj2g5gtgj7xtfez70cw9d67mberq28wm9yhb4m2s1gcs4g7vq5r9n30h98ghjpp1z3awymkpddc3xzdx0e4j1jvkfhq5s6yvv6ss2wn7grgjsqvq2sn442bbxsx2hvvqxz0v75pv6b7frvhm8bk182z8h0rxq7y5f90103r42v6zbpt84yrj2bdq2416p3ha317nvktr8bx044xhp16txgarnhdekcbdq4cx99qtw3ykyp9ryk4ck3hm2zhkpjt8k9ny7wz214fr5hjx9va&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-1tg8
cf-request-id
0a2b87a07500004aa945b7a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lMKp1qDO0ODv%2BbGj0mLfGMwsLkDoiu7o0%2Fh%2Ffh4RAtvuMHCi9xpz9isW98wxKRpvVu1tNItoIWjPbDXturetkbF5kCxvvBxtF36C4fr2YKAwn2NH"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
6525dbad8a314aa9-FRA
social
trc-events.taboola.com/correiodopovo/log/3/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&tvi2=84&lti=deflated&ri=c32e0e4d5b6c67785d53b3c70c18ae4a&sd=v2_2d5ae490bf2a5eb7e63aa2c1392bfabd_101f2a7a-3cf6-47b0-bd48-310b1e38a8f4-tuct79fe764_1621516772_1621516772_CIi3jgYQzeNHGPDLuc-YLyABKAEwOjj5twhAn4oQSLyD2QNQv9kMWABgAGixr-m1yv33zq0B&ui=101f2a7a-3cf6-47b0-bd48-310b1e38a8f4-tuct79fe764&pi=/&wi=-5703500169402860967&pt=home&vi=1621516772848&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A19%3A41.697&id=3033&llvl=1&cv=20210520-3-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:41 GMT
server
nginx
x-fastly-to-nlb-rtt
13898
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.14.127:10213
rs
ad4m.at/ Frame 4045 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ff19ba14555656884b114ad91d978389b4b801f4d9b092e874aa435246ca1e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gjkg324g3pre3zxrbqr58ph0gpa1jbzycn17v243fv7k28xzsbzerba7q7bdwxn1xq8t5k0e96jzbt5d0wjr0d7h1jk9b79qe1yj81v1ga7tej3wwa0x1pvr0qqsr33mvr9s1nz0fvs87exykgp8405gcxcxs0m26xf2j2dpkf0b0zye8xt065f80cfz9bc6y1k8qh3jb5dgzr8edqpczvgvqf5bzhxrg8j02g7z9dazr6jgdsj6hsh0m201d7yw1zebt33y6g5hqk38vfvawfbsbyrjsrm753rm13ytsevv325tk6fpbyajbsh2n1shbkm8x68sg8c090yem5dcyfe8ydxemcnk7tgn72k6aaty3e51mqpw08png8hy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-v23g
cf-request-id
0a2b87a09b00001f2d70865000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EU43MSQDmgb1KwMVusQXt9RRa5xzi6XPPZ0Nbpx9xhQFBK05U1XlmHLrSYzNqMaGMP0Tk2KiEJLu%2B6sRvEJU5gZ1svmQ1E7FCUC7hFPi6ORsx62O"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
6525dbadce8e1f2d-FRA
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:26:15 GMT
content-encoding
gzip
age
75206
x-guploader-uploadid
ABg5-UwlZNChk2K6YOZEdF0Y5anEMACefz91JtgF00rUVzSb-QzbtIAsDFQCsTbjSIZ46fTteCgFABb0KRAqCns790i-hrheBQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"3f338dc5c15f92841113b0350587be44"
x-goog-hash
crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language
en
x-goog-generation
1618847013907660
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 May 2021 16:26:15 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-correiodopovo:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1621516782&tM=direct&tL=direct&tN=direct&tY=3&tZ=580546041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
clear
content-length
70
rar
as.ad4m.at/ad/ Frame E065 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ef829db91a879dc98d894f7421c14487c7b26f3cc83045f84a796eed621af3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87a0ab00004aa95934e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525dbaddb054aa9-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame 2FDF 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71395335533fe2b9df9fd4dd184dd90a2aebc4bc0749b5afaf175b2ea846683f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87a0ac00004aa973988000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525dbaddb0c4aa9-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame A2A7 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796386b91308405873b1af12c7633fbe30783a4ad4531fe688b94d9fb84caab5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87a0b100004aa906980000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525dbadeb1f4aa9-FRA
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E5BA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 13:18:59 GMT
expires
Fri, 20 May 2022 13:18:59 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rar
as.ad4m.at/ad/ Frame 63CF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f912e81dde708343686b085c3285fdf2c19811b243581f7134b04773d6dfdec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b87a0d200001f2d2ea31000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525dbae1f171f2d-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame E065 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
97313
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a2b87a0f000001f2d3d031000000001
cf-ray
6525dbae4f6e1f2d-FRA
expires
Thu, 20 May 2021 14:19:41 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame E065 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
52536
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a2b87a0f200004aa9769d3000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=he50Y7FsmKJJzOuHgudM2C1uFC26I%2FQgnKjI6Cl%2F67OVq9uQ9z9FsIRbe7T%2BoPH4eiJJ0EjAbRaaNOPK3QSwGg2xHaBwWjqLta8Py1ojKR2v3L67B18EWVO0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6525dbae4c0b4aa9-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame E065 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
58535
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a2b87a0f200004aa91302f000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9EoyKNLqXFioou1fJiT%2BiluvpRSx6XCtMSWwuQNLdENni3tixbLwhtL3P5rPoLX2oFkC2QDW975SKJISOjDTZ1Crprh1T8k%2Bz2bPUFVhrsvqlPfqK9DTLuB2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6525dbae4c0e4aa9-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E065 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame E065 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51546
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a2b87a0f700004aa91ca55000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ooegCqrWeEcMbSH2NlT72VhFleIjQaNpL5g0yqeznefaUfomEX9KJYwWd9auxCreOptijGMuakb2GOidfM92fR2Z6eLD3uOWcXO7LX0cOr1ZFhRvqlWttLxiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6525dbae5c214aa9-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame E065 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
55800
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UykCxNZ0AP_Fq4FWIDYfil9WRQTsuLGjDxt5DK2RX82WpBPnvBW8foCqTuSn3f01OWO6Sju6hFwgAMnmIYUuyOdBQjmgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a2b87a0f800004aa91586e000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lh3VqpBvLQlF%2BLcByod7nNwR%2B0H3btzwIyIF0UGiUas7SynIG88Nm2lft%2Br%2Bgr%2BwTR%2FQDkBcNvY5cIU8XGT4ZYMjz8RDK3E2Z45wEM4gRDFr8Eb2mbm%2F33MVag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6525dbae5c234aa9-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E065 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame E065 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51466
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uw9SETLfk8DtyWaIZce9Gh3X03pLd54DJnm3xkNEbvc2Qt-5aEHU4xCUXItiX2PkICfwMdkPoDB6Bg1d2Cky_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a2b87a0f800004aa92194d000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Busl2NtUbL4i13nOTWtLjOfEU9WOjH%2FDzd1%2FjvmifbvRQF%2BOVobMjx%2FP8ki%2B4guZuEzsFgRdxyhwCm0UHYTyDacieO4OiwqQZCx3rFlWQXXtmeJrEmZLswdZJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6525dbae5c244aa9-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame E065 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2391735
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a2b87a0f800004aa906986000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=50z2foMxzBavPe40AGkTYMlW3IeS4cz9LqD%2BZN2a3XT%2BuJZ4wPizQAeSPjxYlBjqm%2FJePHw3Vg%2F80QQ6egC1X%2BEcoljOoA5RR4n9Mygm1HM7ddajA8wFIzJ44g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6525dbae5c264aa9-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 2FDF 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
97313
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a2b87a0f400001f2d56b62000000001
cf-ray
6525dbae5f7d1f2d-FRA
expires
Thu, 20 May 2021 14:19:41 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2FDF 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
52536
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a2b87a0f700004aa9100b7000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fC0gHrQLWxWzm9vu7f6KZ%2BfRve%2FiHZ4GVFjln71eCm1Kpq%2B29kSVNFBiMtb1YxlyfVwhJIXhJtuYT9IKpj6EKyUcCy3z%2FlBilelSo0J%2FPyuwDlqBY7gcxjaZxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6525dbae5c1e4aa9-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 2FDF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
58535
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a2b87a0f800004aa9490fe000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuBPnDybJcN7%2B5shMnl%2BN0Zdv9buSUV01TnLK58O5vhi6aSEFXE%2F64sx2Q8ycTr1edb0sRoBUX9wegsrZoielnaAwJ1S9y4cF%2FceL8PtWRPtDnjaUquMg8HXaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6525dbae5c254aa9-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 2FDF 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 2FDF 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51546
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a2b87a0f800004aa96a03d000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZvG%2B7hYplQ5QCK3wgrOQk6KOjuG0hyp7SOzoaIrY8VWOGwjL5yY3UOYwh3wR14z6iy3LsNxsOUkV2af5eNec6sfo8xC3ZFjpG3D45PnDHPcTgZeglFT%2B7tzKWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6525dbae5c284aa9-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 2FDF 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
55800
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UykCxNZ0AP_Fq4FWIDYfil9WRQTsuLGjDxt5DK2RX82WpBPnvBW8foCqTuSn3f01OWO6Sju6hFwgAMnmIYUuyOdBQjmgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a2b87a0f900004aa9791c3000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8PN7IITo%2BnwGSZhTAGmlgf%2Butco4DT%2Bd5AxFy0%2FL3Ga%2Bc3QSb4YImX%2BzG4uqW7JPZbYpuKD2I0blDCbs%2F62yznN5JopGoDUIS2CR5mdt%2FLiuf6UCgzVExIHEYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6525dbae5c294aa9-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 2FDF 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 2FDF 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51466
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uw9SETLfk8DtyWaIZce9Gh3X03pLd54DJnm3xkNEbvc2Qt-5aEHU4xCUXItiX2PkICfwMdkPoDB6Bg1d2Cky_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a2b87a0f900004aa9f404c000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRG9dQjFZspRaAt2iqfvb0hnsxSZ%2BHNetoBDr2Y%2B6Fj152ydhfoyCTpN53gG0W1BHoOV7f0he7%2BahjG2AL4h%2FiJY9AaoXRQOtVyvSsaorCJcJHJ3pAevTR18Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6525dbae5c2b4aa9-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 2FDF 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2391735
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a2b87a0f900004aa90019c000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hqIZkdYArT6qkVFuu0BfvUUUDaU5Pd%2FKCBMx4or%2Fca9t%2FspzY8vKLH7PoVTWwnM2dFmW0bOdNcFuKC3ZI3wJn7Mua1niokS6OKRBBYLQ%2FhOPWY3JaLj83w4KSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6525dbae5c2e4aa9-FRA
cf-bgj
imgq:85,h2pri
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5292 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2169756935432292&bg=!lZalltLNAAZ7hX_Ue4U7ACkAdvg8WtPgtnWQsaNoDlF26n91uudqGpp4_tgq3m6r_5nF0B11aKMVNgIAAAi3UgAAAC5oAQcKAMXxwTl1qWD9jLBjV5H3C2ls6j7ZmzLsAWqOj8QlDxMtvwfuJVvhMWIM91Mod7nRy-XDAp9DjYQyVy9l1BwOtbG6m6ckta_8jHRIJWOk6JBvv5C8dFbV2GjuYvcXJDZNsfx4hFLdeHLCdEjDfGuz-KVpXN1ecvGki5rqBI4qj2YC4tze1eeglDB5UgvVXBWdXUBs5Oya1E8cRBN7tz1QVzrk_M5hvEFq65UM08EtBCdL3uawtojkZJd1ENxkL5-e4ZYaeLtTHpkCck_O-pVoJKBR5uK91Ea_Jxzpj9sGQSXJGHn3pa7ntP3JyqWZhd8GYTFv7aoQNXlXvfMQ0dfzpqwcm6n4T20UmQENpip89GCZLi7vDmgJfW0KM827ij91brwZWmHYMVjr7Eknl0XKNo40OAAMIsBEs6fbMQLy8YpsREBe0AQ0KAmI5eFquX5NNcnikkdVg7v9Z7lybu4upvOqfzJVB0tvenJnynWYHGYi68II6MIQ9KBu9v1KOt2xRl48jt1yytBPc0y58r-K7D2r_f5cfrUamKQU8-iqu2ktOjC3Y1a-NX9dNyhJ58BdCTscVzoTLtE50Gnf5b-uWnNX01pNDtTneLYJ9ReVwabakIF_OaP8jObugTlXSHrQwDEH_o9ogeMQrQ88kqUGtAJjdguYBKRveEVfGqO5ugXgBVGT_nFGc2il_TnCB97Tm02_6JaFqKmTkmN1oqo531a5gHWMbSZiAiyjvmAatcPzTIcuwJf2uvaBTKa8rstv428DPjEfUGzd3P7nz9ZifiWm1YDiI1onSyLoMdEhdHLt4DwQWMsRyll0FUht_-TX8DPxte2lPamXaH-XqyvETj0WnqxWeYi0_ektLulqn0IgJYcUtS15s_x0Jw5-_idBFHYSv986kOikgZvK0dAk0RboJIxv8J60NwNXlCx7KY0jF3Tz6zcTlBlqg-sq6P4mgFti6oYOaVS9c3CaKAwKRpfIYqDsULHv9DKPqw1CHCvCCGJPji9c1f9iiTWsbaZpkajKPiFxFrOnVyykX6ITVBJ1lT_IlYwsXrLkZHOT-5r_BJaS4Ewkmk2M1cvLLW_mHQL49uknNEtffgFq
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame A2A7 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
97313
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a2b87a10300001f2d299bb000000001
cf-ray
6525dbae6fa31f2d-FRA
expires
Thu, 20 May 2021 14:19:41 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame A2A7 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
52536
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a2b87a10500001f2d1b1cd000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xbTLqBoHc%2BkFTCDRHcbKdNS%2BnTAvXleJhUJdzsrldOx3GxLawhNoRTtatinkNrKy8lFoawzUOBknYfLT5t6mmDKVVykg8BeyMaZIFJQll4peC%2FA4bm9W83uLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6525dbae6fa91f2d-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame A2A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
58535
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a2b87a10700001f2d591ea000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6mwbYPGCbHDTTdyD5fGbkAaNTZP8a565Ohi684pElCmJkiEZwHfzuqMigU5ZuDDscERG0uGxJZnEdE1FO3QxPVSnGeomoJvl6Nk2ZFNolOaWNm6Jej5GTrBEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6525dbae7fb11f2d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame A2A7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame A2A7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51546
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a2b87a10800001f2d2fa8a000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hHib7lQOtHD9laYSRMgiBLxf%2F5zwgiz9nnn%2FSLS9DMRBXbKdiUZlApsUGaMnJjkWuMowMoJTGp%2FqDxYf648mmc3CjFbn0L%2FyfKAVyf38%2BS0CoioYUpGdv7IBlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6525dbae7fb31f2d-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame A2A7 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
55800
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UykCxNZ0AP_Fq4FWIDYfil9WRQTsuLGjDxt5DK2RX82WpBPnvBW8foCqTuSn3f01OWO6Sju6hFwgAMnmIYUuyOdBQjmgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a2b87a10800001f2d8cb0e000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c4yVBQSDWRWRD42Vs2axl5xZrdGENugqB6W2xjxUAE4TllimETWoiBRXD0wQKBA8jgZxBhLGYgYBBaeVjDf10X9RacmPm6yfanDz6dfQfqi%2BMjAgqNnljZvD2A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6525dbae7fb41f2d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame A2A7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame A2A7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51466
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uw9SETLfk8DtyWaIZce9Gh3X03pLd54DJnm3xkNEbvc2Qt-5aEHU4xCUXItiX2PkICfwMdkPoDB6Bg1d2Cky_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a2b87a10900001f2d41819000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gd7N10wde%2FSSZRLFPDJZpm8oi5RKzrT9QjYtmqoJT9MmWFFRHk33XDOcjedyq8e3XS%2BPMAbDKdhpEodGgtOF0urgYsXtRYWHt660L9%2F92a5Kf%2FkuAiqamJUfQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6525dbae7fb51f2d-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame A2A7 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2391735
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a2b87a10900001f2d3735d000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6mcS%2FOagvRMUW%2F0FOCUk8nuVbGhgYTkEHIWzemojL6eAJ8LadG1ALU2MDTmqmG9RzNy8DTIzVRze2vC4n6WYYTUYC9cQ0EeIY7uH%2BP6nyfVyoGt0fEPbdfCasw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6525dbae7fb71f2d-FRA
cf-bgj
imgq:85,h2pri
u
b.t.tailtarget.com/ 		54 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c1d66928ad6759fb7f75c400f9f98e2a1a5b8683c107c3426b04e83cbed5825e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
link.html
track.webgains.com/ Frame E065 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
92c02427aa57afe887187c578aaba81f00ddcb521839758001dee90b491cd539

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 2FDF 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
0980a083224c15167f047867f1e196748e0032631ca0c3783e7051c5fcb3336b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame 63CF 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
97313
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a2b87a14100001f2d5e864000000001
cf-ray
6525dbaec8431f2d-FRA
expires
Thu, 20 May 2021 14:19:41 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 63CF 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
52536
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a2b87a14100001f2d0c184000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TxNJzsI34ImpbCHVKCeMjXI3TuGFdKiU1rdXOsAUB7GvKnhWHsi4BvvHOljRwZpRklV9JPMnwqkpJERCQdbVMX1dpsR2IIsIboayx6DyB1StnqnRqXrR%2F%2BcgJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6525dbaec8461f2d-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 63CF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
58535
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a2b87a14400001f2d7a09b000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cP%2FsWzrceO4wuB30XGTBKNoJeO6GPS4qlGL0ByhrGHlqApZpXu%2BhyQMyi%2Flj5sBu7zhysk6IwfKp30E5FSh%2FY3Zx3IXPlp2x6uG02uUkRrrvrSBuRWJtM%2Fe5Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6525dbaed84c1f2d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 63CF 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 63CF 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51546
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a2b87a14400001f2d62826000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6nyO36vDuhMlxM72RPebS%2FRjWzBXAJq%2FzBuwHQCJfcexn3MfBXdTgcTqbpGVrPZS%2FV%2BpHouEp7goJwpEwv%2FHS8y4qBB%2F450uoyUdF5PbqQNMdXZ4pK%2FVyXcluA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6525dbaed84e1f2d-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 63CF 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
55800
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UykCxNZ0AP_Fq4FWIDYfil9WRQTsuLGjDxt5DK2RX82WpBPnvBW8foCqTuSn3f01OWO6Sju6hFwgAMnmIYUuyOdBQjmgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a2b87a14400001f2d93bca000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mnj4tQk546dA6SX3qBPkmVay2B1w8tK2rd9un1dF933xZ9eipOMPNjrYIyy8c0Ttcyrv0xbz7Rz3%2FjCemhMDCHoBt8EnTqOd4Mlp9tlSW6cNql%2BG5oyp%2FR%2F%2Fpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6525dbaed8521f2d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 63CF 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 63CF 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
51466
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uw9SETLfk8DtyWaIZce9Gh3X03pLd54DJnm3xkNEbvc2Qt-5aEHU4xCUXItiX2PkICfwMdkPoDB6Bg1d2Cky_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a2b87a14500001f2d2ea37000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=go4%2Bj64B0rrim11Df6fNe4hv%2FYxniwxYrxRTosJFSQIFndXBeifveoqehE1uMcCexrVTVqT1klKeIiNelmNizqTUK93xtTNg2i0zwBi9cuYDqL0jF5PkeQmpCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6525dbaed8531f2d-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 63CF 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 20 May 2021 13:19:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2391735
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a2b87a14500001f2d0e840000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fPMGxc9EZkxWrGiqWa2PEsz7PC%2FuVYjn0V5tB7YKBGNE3CWoqRPuzUVhMY%2BSaJ3IXLxikVdybD%2Fs6FWlhISt4gtYcVWykRWz8eYtGUI2HssiPCH%2FIC60VEJM3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 21 May 2021 13:19:41 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6525dbaed8561f2d-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame A2A7 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
646e3ce4046fafcf71b1651dd30eef3ebacdfe1ce29fb56ae865641a89b6833b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
pagead2.googlesyndication.com/bg/ Frame E5BA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 09:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
12631
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
expires
Fri, 20 May 2022 09:49:10 GMT
link.html
track.webgains.com/ Frame 63CF 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=fee3b44e7adfc6864384808d55c17f39%2F8037280279441544571&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2228wem3fwr3z72s3yaq36y1ftj276ay15yxx5pksmgqjexgsnr2rkztxszvmw55t4c7111mt2hsa79bkrfnj61x2j82h8wdvfxcvq259ybtdy4emdbjmyzz3z8vkz1e9q343h10pt9n3yypjmh6cb52fehn39e0cjvj79hefq9cgqgzhz9tjpnryhn680f41vqjzhcjdqg1jaae4aam8matzdqee60604gkyzn32ebs3t2t46e3xqc50mzkt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXSaN52GmYKy2BLfVtOUP1cCh2AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvwFP0LxC7iD1UnLZ4o2Y7WHbVbcmHJkSNwSKtsl3qunN5WjctHCAUSlFU1XPLH4aKhn_dmT5Jb3ELrGW6JZZh1NOzML4VrNRWzQ6K7j-tqU0Hs31yboy-HRvDx_fJUGC68UJPnt6memJT8suiLelG-sZmQwMXwmLSvxtn2NafzBEXAuviLO4OBYVY8eOLQs7FXkOIKwf1AyyygpfwjE93FG667D2eMgQSOYR0XDsW9TnscX4DEkYKok7HMgnAaP5HoAG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2NxUavZpPNivuXHwF1vAXOczsnVg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
33ecc2a5288101fd10b7f511f60e7036d9112e5c2e1163a88d29146d2bbc5bcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
b
b.t.tailtarget.com/ 		115 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007FED61A6608D06B82D02C62E09&tX=b.52&tZ=635775481
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
bce5f3326829ddac717cdae3e34ee8317318b843595a2e76f6ace86180977f5d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:42 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
gen_204
pagead2.googlesyndication.com/pagead/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=1397360267801707&bg=!lpWlldHNAAZ7hX_Ue4U7ACkAdvg8WsMK3AOKqT6XkT_d_p2apQjZ3d7nTB9AspcKKNktf3C0rp1R8QIAAACxUgAAAAxoAQcKAPlg9dHCvcFgG0CfYOeIx0vVRMOuFwhqCBwGHCX4bxUfnGT77faJH0_7yLEMhMI4LpxAiXs06vCB8-7woLGYj1b3c3mORqEIahQRU6EW1oOxD_pZ4rawGE2lrE9A9QPGaBlR7WoStU2v6UAmxM8G04jdpmx-oL7a8dlIx8rv947g5iME7voF7bSvrfDx4X97siD-msYreNCl4iUgjvBSq1hv6NlyVVl3DFmlFQxrRaFAd1HkLB9Ii5x6MWCdHVlJHwNsa_WkZ2ytzz384km8CEFeh-5fmaPtjhegszj5gleGn1TakKukGsyAf4o1sMbXhtcpC2eZkArkWkmZAlCyIdeiTTNmuZN4YFd7gMZZnOFLgfGXLD01Fnmv5MHNkVuLCdNfkNznpx8T_cQbdvoV6NsmkK-oKFBrSdi7fMHuR4pSXLb8HvIeY7Iv1Hn0-yKg5hx0zyzfD5Nnx3R-HUh79RxbJ9ufj3k4piUW74SJwYaUMD3POSzKF_nxrkanQwgqOjo22SP4Aa6ewGQp1oayO2wEwjQqHo5zK0saCiHwl4TeSN-Ke6uJRjV3mrb5hgenpOW8idbvjzyuZWDV7cQwhN8Iw_etSY0WgMawb3ZOzhRKA5iW_Mq5Mvc1UpZUyG77gUw3UStrl5dgjEwUAMJH_G8FnyusTovzKUlZ8nOAgIKoAZjMreQMWAVjKVV5pK1ivgeiYbMo2cDuiFPV_XUxffchUJKz0-skzzMTkNWVpc-Jh0SGCr2ATIEQrAvedl_QZQMrmv8DBhjZBoqMtbRmtVPGsphavJPuLnZuWTZr2QB2g1KI7-_vh95kf01CBFvFz1r3M2sJITWHf21QSJz_wGK5-BTw3_ckZ2d-EPi64gx9yhv7n3BdLMDqVynvoL7QBk2JuuI9bPPGwr1zw4Imd9fZuSYtm7VzBaQSqjD6cS8u6TAJpqo5M2yi5OJZNt8KTdBYTpvOx583jfw4BD43Jm5k4AJm9jhqwOBZu38fleiKBJXlPZ3ohL_bxu19JAoBq9tgs4EQBEEMBgxaujGC-ZXk3v7LxsB4sBrbqyijPtmcv5UJ7dK0kg7b7yLTOAfLJZGqa-NOU3pjflsLMWD63bOu2rqpcZQuVeO86uk1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame E065 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:59:28 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
19215
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
qf5NrLOtACgRNPRONnTxR_n-iWRHct5U7S7qzg0G2nkgt1bD-MKEUw==
hit
diapi.webgains.com/2.0/ Frame E065 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MedHYMAR0odm_dhrxbuJjkWxv5iJ3A0KAGYjpjV.lV9dVlmcI_FeAixAwjOy4MjNpp0iJ3A0KFgBFY5BNlr91xU..6DE&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221621516782%22%2C%22%22%2C%22%22%2C%22%22%2C%221777036782%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=25fa5a03760f742569250848841371f5&userIP=37.120.131.196&doAffectv=1&wgtime=1621516782
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid_viUHojspWok5ZTAeJwLzxVo05FRbbLaasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame E065 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid3RdUpf4fgXEt7HrHAtEt9DmsMtWTGxoneid__asuidcvaRI2ILPsy8KLmb1P-auT-fV0VGesx_asuid__UIM_DE_RON_%233_300x250&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=_viUHojspWok5ZTAeJwLzxVo05FRbbLa&g=297b0af21663bba4118019f765fad4ee%2F609353721646030279&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20frfpxzy7yvf5q5b4nsm59688v2ckrfctdegxzh6sme9rhak9a8vm4n45pbyw7wj2jy1s6arx00p094560fkr951bqnahbevn5zhd7dfjaqnt8yr5rb00cdgj2271w679z055k61perby0d6y29wv1vtc3kzj40aah34dj8ps0143ry9cpe86hb26qd7xj63y0grgrmw300a0x4z16mmfz67j8r5hkreeh8zp7895ae3paq9qjgzecnqt5n8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4chQ5mGmYL-HNs2EtOUPvIOfiAuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQI5r7sVpHi0PqgDAaoEvgFP0IAVUpdSStN0u57dok3z_DpcWcHmcVeNy4PXj4PfwcEAXP4RLPZjFZEo4QlVhXvitHPHCG7I4j620Ycubv5d95pYqtjWdq0prQ_9bQNcPZ-BID01CoXCd9_xaTlCgLVJM17SnF_Ctm8kO3wyQB--xaoZL0EjszZySso1QGMhh3xhNjRuWipxUgp8PxvutC7OrPU_IK4Soqy_FgE-jdD0YioMRAq3R7I1HaZ0NfSWZINuoYzel3LzHCIiQBjggAaZ2tD36_Oy94ABoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Zv8ZUxyDHVORaI7AdRE4DVgwFtg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 2FDF 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:59:28 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
19215
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
yulao3Zvh5kY27g7nXdBbvg4GYDFM__9G0W9mermUggvbR6DRNM4XA==
hit
diapi.webgains.com/2.0/ Frame 2FDF 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MedF.MAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.ea269WDK1civojmxbsKTxYMJ5tFFg4K1kl1BNlY6RcApw.32W&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221621516782%22%2C%22%22%2C%22%22%2C%22%22%2C%221777036782%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=fbd19058e4c65e820cd5b4635f5df6a7&userIP=37.120.131.196&doAffectv=1&wgtime=1621516782
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidiuGcfbeditfcZLQ7mQO4sb9aRwL0bb4lasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 2FDF 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidBJdugfg9Cmx4sxH6H3t9t6k9ubteT86oneid__asuidsv74vowCf2Fs0ji2UWMgpPuiVDkNqh9Iasuid__suite_Netmix_Reach76_TOPROTA_INDEXONLY&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=iuGcfbeditfcZLQ7mQO4sb9aRwL0bb4l&g=f3240d8f933ca8d1f2bbdb18a3c01430%2F16196834210030529249&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22dexdyv38nwx17yktyargwnf7r44axeakb86jsh5g5gjxcc7nh6h54cs25ay71m1kq07s0nhr4xfca93bfm9a1rw5pbzkg70r8hbpbx6hr88qf2jsmxdajjn54qc1bvamyptrg6v3fmpj5gx531v9af3b28qjwjm4vherwjyjxrncjhbdw667zara5xa6wm9q8kjpsxc1gc5tkf1j29zxjw2xp2twfw60z98f7em5t352q37cv6h6aj7bmb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtlCA5mGmYMzsOZujtOUP4fyo0AuQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQIDADSgYm-0PqgDAaoEvwFP0NS5UdPWu_mciUDJiYGtYRubJmAeNGzAYCOzluAICYQPvtVGosl6Pu4qASyBTluWW7GGExblpaCyw7u_fAHv3Zl2x0MqcwpUYxAUTE3k6onPHK7T3PMsvmZBA01peVzoSgc1pL5V9hFISi8MTK8ducxDc4jnwkMySp1H5FpiVENi_s1_zJYzFY-edUXuj5jwbiqu3Y24K7Rrm1GwahdnF20HT-N6qkn7L1-6NhF9LEchhQt1xbhb6RiaT02ja4AG7cGWv9bnq5_EAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0j6_drOS4nyyVgFrlri9a2HwDsZg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame A2A7 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:59:28 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
19215
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
_KuqiB3N7Xc23_OCs15GAvTWetwfW8Jp9sP1NMlfrmDt8R6mKTSpSQ==
hit
diapi.webgains.com/2.0/ Frame A2A7 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MedMKKmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvejV.lV9dVlmcI_FeAixAwjOy4MjNpp0iJ3A0KFgBFY5BNlr95xU..68A&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221621516782%22%2C%22%22%2C%22%22%2C%22%22%2C%221777036782%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=b41fdf67ea0e216b8a2e131e17504bc9&userIP=37.120.131.196&doAffectv=1&wgtime=1621516782
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidqd3oTPkCXKApnDPgRD1zAlcod5gNMl-Gasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame A2A7 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidGzXtBfpfkXRsKHeHGtPtpPDTJtjtekmoneid__webplexmedia_advancedad_Desktop_728x90&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=qd3oTPkCXKApnDPgRD1zAlcod5gNMl-G&g=b70aac216f6a5a98bf0e3f3a8a2716dc%2F4761467888437106308&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21n6zhvzrwwrz051m9t5xsb11rntbj7xmkj31cyg2d872vgr40zjd06k63eqb919khckgka07eggnvfcttqnj488d001z504rqmmttdmxmhq9mc5gd5y5480c2msv08y9fap70wrr06mxrcc37crxd0hkv1y1h8twm4cx012vvw8andvnzb0qtycs3srsv24m068v0mcnvtvy336trkqxf7st5w0bncvnmt9038mmgekp1pbbcacey4nx83pm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxNj65mGmYPPCC4iGtOUPv-uywA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTYzNzk4NTQ0MjA4NTE0NzagAcKu6N0DyAEJqQJjF3Zm5HK0PqgDAaoEvwFP0P4y2WixZpLycRONCiuaOVO9ZF6bUHSKKmYoNuZ82jfl6eL4sJ4QHD8XxVpQlgRJLuES7FaK-GrDvV2QbOcChtrVOaAeYyN7yb9xMZt4TadiCtE5lyo0o6O9RS8vMRcafqtryLVRq_maO8aXIqRsqzoJ7RzE2Ja5lRdVW_LM5eLb-ppNbBm-qPRrBkHxO-LItan26dMmNEGjyFsY6vmAuMJ_Hh1CDP5b94vF61DgAKtOBRrvhcCrV4IgH8GxTYAG_pSpkqePyfj-AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2zktj6AU9cqelDL4Q4MQ5TtAqLbg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 63CF 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 07:59:28 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 14:01:05 GMT
server
AmazonS3
age
19215
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
z1w_Jejj-ei6boPzVjTwwOwkH2gpJHWN8tcpoIjnRIYOQVQ0vHh9Pg==
hit
diapi.webgains.com/2.0/ Frame 63CF 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MedB7Q_i.uJtHoqvynx9MsFyxYM914Ve_clrIU.0Y.KI0Y_Fb9WJMSuMtTnw9jTlfe2Rc7L1eWNNW5BNlYiJ4uy.9tp&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221621516782%22%2C%22%22%2C%22%22%2C%22%22%2C%221777036782%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=7a8eaeff400bd9aa062a814f3f25e398&userIP=37.120.131.196&doAffectv=1&wgtime=1621516782
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 63CF 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidBJdugfg9Cmx4sxH6H3t9t6k9ubteT86oneid__asuidsv74vowCf2Fs0ji2UWMgpPuiVDkNqh9Iasuid__suite_Netmix_Reach76_TOPROTA_INDEXONLY&wglinkid=713569
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:42 GMT
Last-Modified
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
tt-9964-3.seg.t.tailtarget.com/ 		83 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=497065691
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e50a52ac964562fe9c5f9a1ce02865067b270685fc85c2bb8308e73e877a1ea9

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:42 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
event.png
tps20241.doubleverify.com/ Frame A91B 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20241.doubleverify.com/event.png?impid=668a679e6f0442f3a44ef05714fa0d1a&gdpr=&gdpr_consent=&mascid=kowx7z9bgf5rjqeu23tuuw67exjw83d1&dvp_masver=1378&eoid=8&cbust=1621516782336991
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:42 PM
event.png
tps20226.doubleverify.com/ Frame 1595 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20226.doubleverify.com/event.png?impid=76b7e88c4dd340dab0dede5508ff7db7&gdpr=&gdpr_consent=&mascid=kowx809g0ohxnp3xhawb4mtu8dkdglx7&dvp_masver=1378&eoid=8&cbust=1621516782432287
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1378.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 13:19:41 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
5/19/2021 1:19:42 PM
fp_decode.html
track.webgains.com/ Frame E065 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MecBghmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvejV.lV9dVlmcI_FeAixAwjOy4MjNpp0iJ3A0KFgBFY5BNlr91xU..61v
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
fp_decode.html
track.webgains.com/ Frame 63CF 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MeclThmr.S9RdPQSzOy_Aw7UTlf_01kKHoNv_jV.lV9dVlmcI_FeAixAwjOy4MjNpp0iJ3A0KFgBFY5BNlr91xU..4zf
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
tr
www.facebook.com/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 20 May 2021 13:19:42 GMT
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESED46TudaPOUKpUZoVQg8XwI&google_cver=1&google_ula=862479430,0
70 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESED46TudaPOUKpUZoVQg8XwI&google_cver=1&google_ula=862479430,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:42 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
clear
content-length
70

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESED46TudaPOUKpUZoVQg8XwI&google_cver=1&google_ula=862479430,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp_decode.html
track.webgains.com/ Frame 2FDF 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MeckFrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea269WDK1civojmxbsKTxYMJ5tFFg4K1kl1BNlY6RcApw.6LQ
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
fp_decode.html
track.webgains.com/ Frame A2A7 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Xa91MeclVrAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiey.25.ea269WDK1civojmxbsKTxYMJ5tFFg4K1kl1BNlY6RcQpw.Aw_
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 20 May 2021 13:19:42 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
__tt.gif
t.tailtarget.com/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_copenhagen_capital%20region_dk_1621516782167_628655044&tJ=CA15795,CA15771,CA17813&tQ=par-correiodopovo,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FED61A6608D06B82D02C62E09&tX=b.52&tY=1&tZ=998058692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:42 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame E065 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame E065 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:29:49 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
64195
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
oh0YXt-lpC9zsJ6qhuIrPXTO2tUxDyx8Ky1scea1mqU7Kew_2lawaQ==
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 63CF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame 63CF 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:29:49 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
64195
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
XyTsBtq0RL732xjaJwMGNx0e83Z01y7_cTeoeLX5Upn7tJzb9fb_ow==
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 2FDF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame 2FDF 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:29:49 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
64195
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
DtSqUA6vJIpvATT5oGz0qwfAEiTjBlQCpYB1LAaldkzc9oWk17XGSA==
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame A2A7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.57.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame A2A7 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-102.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:29:49 GMT
via
1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
64195
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
Pbb0adph2DN42ivCi76MZqprSIkK_7MihgV8EY_cj0xQE43T0wAt1g==
tag
w-it.m-t.io/ Frame E065 		18 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1621516783693
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
ec9f2b84e2c08eb5590d97d2e3ff10aa
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame 63CF 		18 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1621516783716
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
5ecec799a90dddf6c332dc68f2335381
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame 2FDF 		18 B
121 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1621516783728
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
cdeb10041ed3bbb60a671a606cf5e062
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame A2A7 		18 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1621516783730
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 13:19:43 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
b8a2c5788651f9022ead9baf1fa5fb34
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame 63CF 		0
74 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16215167821774_29233a40ed&programId=12607&expiry=1777036782&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
349837cdfd3d46603fcec03191edcf2c
server
Google Frontend
date
Thu, 20 May 2021 13:19:43 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame E065 		0
73 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_1621516782088_237760af43&programId=12607&expiry=1777036782&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
6fddd3710dc6aceb2e6b41d6da7046bc
server
Google Frontend
date
Thu, 20 May 2021 13:19:43 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame A2A7 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16215167821265_b5aac1f6d6&programId=12607&expiry=1777036782&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
b60ef3b82a9283a268906449047357a3
server
Google Frontend
date
Thu, 20 May 2021 13:19:43 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame 2FDF 		0
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16215167820924_a04aabf062&programId=12607&expiry=1777036782&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
2d202b5eaa782b180bbf0c918e7e076b
server
Google Frontend
date
Thu, 20 May 2021 13:19:43 GMT
content-length
0
content-type
application/javascript;charset=utf-8
dc_oe=ChMIvLzP2qzY8AIVlgeLCh0VcAQnEAAYACCmzOZGQhMIlfmf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516785419;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6DD0 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvLzP2qzY8AIVlgeLCh0VcAQnEAAYACCmzOZGQhMIlfmf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516785419;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI0efP2qzY8AIVsUHlCh3JmA1DEAAYACCmzOZGQhMIlvmf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516785554;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5D4B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0efP2qzY8AIVsUHlCh3JmA1DEAAYACCmzOZGQhMIlvmf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516785554;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI29LR2qzY8AIV1pV3Ch3HoAADEAAYACCmzOZGQhMIl_mf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516786263;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 999D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI29LR2qzY8AIV1pV3Ch3HoAADEAAYACCmzOZGQhMIl_mf2qzY8AIV0AbgCh0ZEQ21;met=1;&timestamp=1621516786263;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 13:19:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YKZh5gPPw5NBQVHCYkwjnAAABzQAAAAB&google_push=AQvitUIZcGBOpIPsz-ak3NfQsDsiCojTeV7T_JDV4-_MhK65XfwKNNKgaMTN65vBBRyPU7gC8AWojJqEE-OeikNuiqDCYQoO1y6U&google_gid=CAESENfd2kd7iE4sbtC1lEIevtk&google_cver=1&google_tc=
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEBF3LA7D4NhMnU0efo9ns54&google_cver=1&google_push=AQvitUL1gDbRqWrs2k0-Qz8zYpO4ZEQ3bujsmx8ifrJx9QKA8V7bUunCeAxhuSKqvvgj4IzcBCy-vqtFoguKz8yCdTzyzr57v5o

Verdicts & Comments Add Verdict or Comment

437 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| adsbygoogle object| sas function| soclInit string| o object| a object| b function| Navegg object| naveggReady object| nvg23925 string| NVG_qry string| sas_target function| fbq function| _fbq object| gaDevIds function| ga object| gaplugins object| googletag object| ggeac object| google_js_reporting_queue function| $ function| jQuery object| __s object| instgrm object| polopoly object| tempwin string| wsHost object| s object| x object| _comscore object| _qevents function| e function| h object| win number| __WS_BOOT object| _taboola object| _newsroom number| leitorsuperbannermeio string| tagm string| tagsmart number| dnkp object| denakoptag object| regeneratorRuntime boolean| r7BarraLoaded function| SortColBloPod string| txtf string| txt object| objf object| obj string| output string| y number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| dkpbjs object| google_tag_manager function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| pbjs object| iall number| PREBID_TIMEOUT object| _ttprofiles object| socl_BlackList object| socl_BlackListDNS function| localStorageDB function| uuid object| appConfig function| getCORS function| postCORS function| postJsonCORS function| putCORS function| deleteCORS object| soclPerfCounter object| soclCookie object| soclHelper object| soclError object| soclTracking object| soclConnect object| soclBounce object| firebaseMessaging object| soclPush object| soclOnsiteSales object| soclOnSite object| soclPushEngineAlfajor object| socl string| apiUrl string| wonkaUrl object| soclPorthole function| soclOuibounce object| soclOrganic object| soclBase32 number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode string| c function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| udm_ object| ns_p object| COMSCORE function| dkpbjsChunk object| _pbjsGlobals object| TRC object| _tblConsole string| pm_pgtp undefined| msg function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired string| pubcidCookie object| gapi object| ___jsl string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| google_tag_data function| pbjsChunk function| JSEncrypt object| ADAGIO object| invibes object| Criteo object| change_video_button object| tag object| firstScriptTag object| player function| onYouTubeIframeAPIReady function| onPlayerReady boolean| done function| onPlayerStateChange function| changeVideo number| newsroomStartsLoadingTime object| tbNewsroom function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| preloadImages object| truvidScript object| currentScript boolean| IS_VISITOR boolean| IS_CUSTOMER boolean| IS_FREEMIUM object| sas_snippets object| jQuery111008361206471864517 function| Imager object| currentUser object| persona function| autosize function| videojs function| _V_ object| socialauth string| fotoramaVersion object| Atex function| initInfiniteScroll number| tocandovideo function| openNav function| closeNav number| counter function| retira_acentos function| Share object| $allVideos object| $allvideocapa object| $allVideosarticle object| $allVideosarticlefacebook object| $alltwitterlive object| $allliveblog object| $fluidEl number| atualizacapa function| IntScrollInfinito object| $playercapa function| googleSignInCallback function| FBstatusChangeCallback function| FBcheckLoginState function| fbAsyncInit object| imager number| taboola_view_id function| r7JsonpCallbackFooter string| key object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter string| GoogleAnalyticsObject object| dinConfigs string| dinVERSION object| dinFunctions object| dinTargetForm object| dinWhatsForm object| dinSearchForm object| dinLogger object| dinLeadTracker string| _dPosclickSite object| dinPosclick function| _getdPosclickQueryParams function| _setdPosclickCookie function| _getdPosclickCookie function| _dAutomationGtmRegisterAccess function| _dAutomationGtmAddTimer function| _dAutomationGtmCloseTimer function| _dAutomationGtmAccess object| dinForms function| dinLoadFunction function| Viewability function| Banner object| newObj10108470 object| __twttrll object| twttr object| __twttr object| TTTagManager function| TTTagManagerError object| _ttq boolean| truvid_cb_3291169207650453_loaded function| loadJSFile object| FB object| placementData function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg boolean| _tb_vd_pg string| nam object| gaData object| head object| script function| gtag object| newObj10191367 object| newObj9041896 object| _tfa object| newObj10142324 object| newObj9122889 object| newObj9122927 object| newObj9122923 object| newObj9122920 object| brWidgetInit object| truvid_protected object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106 object| newObj10181673 string| n string| nq object| cmds object| _ttconversion object| ttcNamespace object| tbopt object| GoogleGcLKhOms string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.correiodopovo.com.br/ Name: dinTrafficSource
Value: eyJ1cmwiOiJodHRwczovL3d3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici8iLCJyZWZlcmVyIjoiIn0=

26 Console Messages

Source Level URL
Text
console-api error URL: https://www.correiodopovo.com.br/(Line 82)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31545
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31546
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 55382
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31547
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 53988
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 43190
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 59524
console-api error URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0(Line 822)
Message:
Callback function named "googleSignInCallback" not found
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 68987
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 75721
console-api log URL: https://www.correiodopovo.com.br/(Line 6964)
Message:
1
console-api log URL: https://www.correiodopovo.com.br/(Line 6975)
Message:
https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/&is_visitor=true&is_freemium=true&is_customer=true
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_38077
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_31549
console-api log URL: https://www.correiodopovo.com.br/(Line 7544)
Message:
atexFbInit complete; FB Object is Available
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_75721
console-api log URL: https://s.trvdp.com/scripts/v5.647/ins.js(Line 40)
Message:
error construct widget
console-api log URL: https://s.trvdp.com/scripts/v5.647/ins.js(Line 40)
Message:
protected error
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

245a98c871afbdfa0aa7f139d329edb2.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ad4mat.net
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adservice.google.dk
analytics-wg.webgains.io
analytics.webgains.io
ap.lijit.com
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
b.t.tailtarget.com
barra.r7.com
beacon.krxd.net
bidder.criteo.com
c1.adform.net
c2.taboola.com
c2shb.ssp.yahoo.com
cdn.datatables.net
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.taboola.com
cdn3.doubleverify.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms-media-api.r7.com
cms.quantserve.com
connect.facebook.net
correiodopovo.com.br
creatives.sascdn.com
csi.gstatic.com
d.agkn.com
d.t.tailtarget.com
d.tailtarget.com
data.ad-score.com
dclk-match.dotomi.com
diapi.webgains.com
digital2.correiodopovo.com.br
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
images.taboola.com
img.r7.com
ius.ctnsnet.com
lp.correiodopovo.com.br
match.adsrvr.org
nr-events.taboola.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
paywall.correiodopovo.com.br
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
plugins.soclminer.com.br
portal.correiodopovo.com.br
prebid-us.creativecdn.com
prod-rtb.ad4mat.net
r.turn.com
receiver.posclick.dinamize.com
rtb.openx.net
rtb2.doubleverify.com
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
snippets.r7.com
ssl.gstatic.com
static-de.ad4mat.net
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.tailtarget.com
tag.navdmp.com
tagmanager.smartadserver.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20226.doubleverify.com
tps20241.doubleverify.com
tps20511.doubleverify.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v3.denakop.com
vacina.saude.rs.gov.br
w-it.m-t.io
webservices.webspectator.com
wfpscripts.webspectator.com
widget.perfectmarket.com
www.awin1.com
www.correiodopovo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
www5.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.244.42.72
13.248.242.197
130.211.115.4
141.226.228.48
142.250.184.230
142.250.185.226
142.250.185.98
143.204.202.97
151.101.114.49
151.101.13.181
151.101.13.44
159.253.128.188
172.217.23.98
178.250.0.165
18.158.181.33
18.194.4.26
18.196.184.242
184.30.20.54
184.31.88.106
185.184.10.30
185.29.132.144
185.33.221.87
185.64.189.115
185.94.180.126
189.16.116.12
194.126.175.195
199.187.193.164
199.232.137.44
2.16.186.113
2.18.234.21
200.198.173.170
2001:678:cb4:bbbb::11
213.19.147.44
213.19.147.45
213.254.244.21
216.52.2.39
216.58.212.130
23.37.42.132
23.79.143.124
2600:1901:0:76b9::
2600:1f18:612b:4200:28fe:9b27:fbc6:f054
2600:9000:211e:6a00:6:44e3:f8c0:93a1
2600:9000:211e:9800:3:7e1c:5b40:93a1
2600:9000:214f:2a00:d:3c0f:bcc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:325d
2606:4700:10::6816:5a5
2606:4700:20::681a:ad1
2606:4700:20::681a:d55
2606:4700:3032::6815:57ae
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6810:bf3
2606:4700::6812:c05
2607:f8b0:4023:402::78
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2013
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2016
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:828::2006
2a00:1450:4001:828::200d
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:287::4469
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a04:4e42:1b::621
3.126.56.137
3.131.52.32
3.23.208.81
3.232.160.141
34.102.185.99
34.207.18.4
34.98.64.218
35.186.193.173
35.201.123.184
35.227.252.103
37.157.6.253
46.236.13.147
52.1.252.251
52.209.126.197
52.222.149.102
52.222.158.53
52.28.108.245
52.28.203.152
54.217.57.115
54.82.20.194
69.173.144.139
81.29.72.47
99.86.2.82
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48
0141af952b84b4739c59140b52dd7786e24cd2f5bfe642f55f29423bbe38a011
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
020d5dd9987017d323dd6ed1048e55ea089209f930fc9a70299b8f61c0d95a5f
024cf3e5d863b74144b1a54b914d3827ebe8a6d2984cc1956165c33efefe039d
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
0980a083224c15167f047867f1e196748e0032631ca0c3783e7051c5fcb3336b
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0
0ea7a5cf34e2d3962b8bed59055411f4fe67aa93f24317f31620d48898145dd8
0ef5914689244850e59f589b28887dad839aacaae60a5cbc63f117086b1e303d
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12812a795939d328c1cf8492d9b66d979104c00611814a4b9a4705cb3585e981
136d787362f737ae981395ad687840cb6710f7c222f732ece72e7b556747b150
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14a52656d0960c81a878231728f482aa83820d6cfd22c41430ce477f9ab6c3a8
14b4b96ca6818049f6d6832323f29955d13f0f01413760e8b483b7a5aa1dba39
14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e
16c46281a5757747fdd6ca090df54b1d2b5c8ef9b24332addfbede65d9f371cb
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0
17f51b6b7becd307827ebd7e0184f13419a7df47827d58f758d958534ef32c58
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb
1ae6763914a4246a02a4714f279e826675c8fbab8d644e93c3fe9de0da330d11
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd
1c706449f1d1d901bcaa4d4b17eeb823f18ff517fd4c4c2fe781bf6e4a9fed16
1cd03b6e08d2fe23841083e3f99fa8b72d931e70567789831131df06234c5957
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
1f8d8e5b2137aaaaba49590f6cd87ba779858245aa9318c30cd1525e9a1db8bc
223388978aaf4afaa72e2a1fb610909140b5e2da8ff02d6db799615d8d0c25db
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
24c019d75ebd646300d09cf1961f824ae2cc235afbe807354660f7b88a4822b5
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
24cfe6aaecec13b113f8d41e60e0c0588e66e16b22e87e89ff0e99d919e72f17
24e4c070f41657ab7c344c8e3b1f49efd5a85a3d30e171b1c0276128506da27c
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dda7a79e68bc8bdfb5616a49436cf167a6a20d6452a7e948615fbb6a1948781
2de2bd744687ffddede21f482ccfcc62aafc0e457a7fbee48ee8135b45f66c44
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968
302edabe4f3cfa2f63114b093892010d48ebd3403da5a033e8f19e7ebceb0101
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
33ecc2a5288101fd10b7f511f60e7036d9112e5c2e1163a88d29146d2bbc5bcd
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35b49913cbbf24416c04b5a74bf0ff74b7c976c964e2304f30d579ffd70f1171
36215762f0b34afa1fa38acacb43aa2b609bfa3ae29b2d660302930653b40997
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
36da8563759421f01893e6cc33cdac7a756681d5f8ece58947f6e431a3e10c2a
370e76f4c0fc60b3be74832230f06e22f3b070c59218aed1dee29472f37465f1
38925d240f4b29b4c9fa9607af4efac53ada2ed1659acdf69262934abb6223a2
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f
39aa17e99f5b39e1ef53ff580629f3275869a7151e266afc646d9eaf51c49d79
39d26fa66a5793471f07832b26d49f23b79200c18eea532a805f3296001f7c09
3bed1f4bad3b984456ba03a05d45cba1da86a34b2e0657b0c855f3478d9fe874
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3d83af555220c88b18850ee3fbf69a98d6075c6222996861065acc2d619c492d
3de90a9266115ffeaea8148d0604ae89e3eeab3105a52bf9e3a90268319ec629
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72
3eaa924137eb4de4bad4170cf06d147f14b859451245907bc88ca52e4c7febdf
3ed7961b640cad3efd4a453277533d8f8c87368d0b46fde38fd5d8d7d9a7dea8
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
3f912e81dde708343686b085c3285fdf2c19811b243581f7134b04773d6dfdec
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fdf8c93dbee14684faf70411833e92b9a084331f198cd5539ac2c6633283993
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a
40d749f0ffb80b848ded5b88e9e3884d4f3688891bce6cf38703e704b72c2585
413dbaabe884bded8ca6f791212d7089fea725e70f77e6c61f8a728910e61103
423293fe3c2551b1a4bb465173ceaa7679df304828662b202aad33265b1a101a
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86
425986da2e02da8b34033595c0bc8208f07136653cae6b24393ee50bd35b8415
42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2
4324a6a9a00b6f60ae885d39ce1fc3cbdcfdc81cc2a89e67a12e084d5a98c91d
433fe7b191081a66df1b4e0be1b98d504accb0bf232637283d37979dd1d1a87b
43ddc3b38bd724d5ee9b39f5f972b778343408f9afd7725def7cabe0d46fee66
441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7
45018ab3be2b4e2e89eda17e73a7ec0a5ec26872ff6ef5cad680919059db39bc
453e59ad12be6d88a5dcd5708d6b648862bfdbe320e39a0d98e39eada798ece3
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
4604f95a3781457d2bedcbb3a52f52ee1c619befbd16344e750b2e028d7b5991
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d
46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b
4753680a0b899df277d3af917c4f23001db8938d16f4d0873c6ae10d2cdb6399
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48a054b6b2b437961fec0b6af7c2b3412fdc25aa96de068b6bc43cdedb5b4d7c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea
49ce699bc2f71d32d49cdcfcdc1e115436b3eb12dd672249d0777cc17deceea3
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb
4ad4c7fe5a45289dff3e68f3916244cfa66e216658dc6b572392be72da58c62a
4b2e739a050823a1b2bcf0e0f36e80220430fdb2cb6abe0a44afc5d9260f540b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbc9cabb74840a85dbdb6dc7dd227f1a7745600b530cd305c1bdcd66165f267
4be684be0cbd259eb324512dd2ca44145e01bcc944eeae2155ba731be8886727
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
53627b9ea8d359ffb832eb8fa8428d34d1a69ec9c2460e8ac68ee6ecc5d4c1d5
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
552de1ad5c0467eb8ec1a7947ccce51a01d3438d6d86da47549467cb20046d6b
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
56730c46a744459aa3e621b4c911bea63cfd419ae0b83ba88517d09ebf97e838
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a
576e4b660b1b591912a48438c24665ccaf31c8b69619c20c37f13d492dbe831c
595b403da260ce0bca3c5c65929755b33f32e3cfc402863713273dbf4782b9a1
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c
5b3373d26e094f2aa6c1c6093de6870d8df1c1412389eaee206bd38f3c5ff81d
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189
5ea49dce4ed7b5d04a4ed0f5cf264062e31c4a2e6959e29e59a3084728010087
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
61336b29cb6b82ae8722d1ad8af37e23c0b3983e80642f22c4e07746122ca0a9
6152bfeecad2d29b475f5c67e4e649551203ff8fe5aa99112964bdac59f138f8
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420
6343215ec319675cb28ea91dedd674c1ef83d3fe9ab2cb8c6c0ead70ab810894
634cd65be298df0c37ecc08654b1335f8a36558a6174996d78870268d1a67fc3
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
646e3ce4046fafcf71b1651dd30eef3ebacdfe1ce29fb56ae865641a89b6833b
64872f9d07c6c4a91d9e1febf7e3908b8637c88e31e409786a34a616ff8a7d27
65929976a7474811485e91671303abba0e9073934a7712e9426cfc0996bb21f2
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624
65fe793cb53125b1e7a64994c1611a5b172b14187daae2f13b3d69f652ac124d
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6844649b3ba012bb5f4ecf36df70fa1ee23a951aae5596823a3992d04295b0fb
69ad0dce761d33049d410d61d1717f194672f08fe532bf88ab2f62866db19f09
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6c7dbf7c801138df4b2faeae1fc17fd4e7501a75dadd64034ec902b8978a454e
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a
6d6899ddcbaa1e6a2ae48d5a26995131b3e19998b4e62ce30682ca52ed4fc04e
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a
6fe2709db54fb3d3dc405af9a6dc0ba3f8b0a9c48bcd65866c971fa908e87965
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70d275cf7b1a222c1049ff4536427692b1e25003ec2468e8bced526c8ac4d72e
71395335533fe2b9df9fd4dd184dd90a2aebc4bc0749b5afaf175b2ea846683f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
738be620a1014ae4177469369cec8187151014303746bcd7f32522926b82d776
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954
780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
796386b91308405873b1af12c7633fbe30783a4ad4531fe688b94d9fb84caab5
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
79ff19ba14555656884b114ad91d978389b4b801f4d9b092e874aa435246ca1e
7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b
7afd6d7382de0268a425325597decbe50a203c95a3ce5f06624ccd5e00cd7543
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970
7dca19845fb8fa47d28ddfcda2b6ee88166065fe5418d93c2491765db61cc6b3
7eb8885efae2977beda6754183d187ebf2b43c928d5bf0d0875c3a12a54454ae
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
801dd0d65553bfc907e50b162eccece494a8e153ae228b9f8d7e385a0e37166e
8048551008ffd51823ff935cfe8b20691143984aa7bc3b7d2e720af92ee54a98
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4
81d048ee35d78885f47c7812da0dad2fcac3d5dacd96c33e66e9b5720f8726d0
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
893efdec71c96ce1943ef1aa4aad90b17c69c4605b06363cb67d91161219fa7b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4ce8c10cf1326eb424a47723b85a0aa1de2c19df4216e167a0648636b48264
8aa33e48b7fd0e2464758afa99f04196872333e81066ac3b90a4abace6cf30bc
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ab80d054d2e605b9041ee3ecfdfd69a53efe23a4cb3a52de658fd3c47b43a
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850
8f7939210f06844514bd8c80a75b4aacd44e03b5acc7a21755e172ce202900b5
902fd0729bfc758cd0497c1e3d8f4ee08ce57daa4c550d90a9a69a0686c6412f
905da32b08c8d9c19cfebee75485321140cc70fda679def3978e3453747adf04
906fbc467bc895c76cc9abf45c15cbcd8a995c7d0a13ee0511549a79984bfd74
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053
92585ced325c8cb308504f95b18f6fb8ec1089a52453f9c9b73a30ddf9182ae8
92c02427aa57afe887187c578aaba81f00ddcb521839758001dee90b491cd539
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96c058dd833329da7261aa0ac07f9a8511ffc8996aca563b2c7408885fc3d59b
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
999e9d04a207ec40f3fc8ef2c55e5e0076f4733a20681dd180096825da1c6367
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7a012dab4a4d1e5902a407b8eb9169935186368a4bbca4e43bce919adf221f
9bb352c2fc96520ae890ff0c1d27abe98ee00df999294febf4f194dcc80d9702
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47
9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8
9ed220fe446b0b7ff457f877e80b70aad1cdfed9d8cf6b596f6d0249fcd4eac5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a0344654400c543fe5276f74fccb78123bd1e4ccc649ece2fff96aa20cbd0d46
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a1d7709d6a501dc8008c554810810a93dbfaa07acd1aeefd4f874cb83518e027
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31
a7a74171254ab21da9204f07a8a8db491930cd68dda782bcb63cda652d0d51be
a9536f1a343804be256fc5fbdf07ae30c27b6024d9cdfe4b16c52f150e439f2d
aa258e219c8bf5751afcfe73c1b88e29aa336aae2495ce4d9f5ce2097b4951a4
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc
aab89b8e0efe5e5a4bcde4192da0ca6227bdb55cd32de482f526bfda1e25ca6f
ac236d488ce8c272fc5d08b70cb2f9630aa481e321be283cf1c2a209fd144241
ad69ed06c586efd0d3af3a02e6b5cbdd152e66b61cb526ebf5fd72a5d74430f2
af0968fb178c7fcb64ce8b722be02a0bd1df0b61aa5329d69660098869ea6e01
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
afa2e2dd93902815a71f3a23ff1a688f6c89b711646da9d26ec57115167bfcb0
afff77b14f4fd39a8df9c4af489f376b4ee451b9183302d7a56d134ac2b505a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b403f883d0e6b89e431fbcb325c9f93924256746d04ebf34aaa8076ac2ca3baa
b46c63400ba0334576d697fd78ddc26ca60d177cc78b05b3658292ba655f67a8
b5299a75c461bd083e7b974222999d4df3957c9ed4ec34662a1e8830c0d37d41
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b5fae5af4f5970094cc33b7f9e835218efb988926e77acc342bf5fb6062f7251
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b610b883dd18684c86347c1682a9be11f96faf879644a4701e4109c4dd1d591e
b69d755c3e25a2f7a066c1b113f9b5fb1cb1ddca1c36dcdd710af9325e0b2e62
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015
b87fd5ecb8d9b1c33f0a6ba0687b5ef3e3767d7a1f95f157dbf31f8d5b015f3f
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bce49d1d03ca581a9c1559e1d5595d03ebaa1123cb5d3f96f532279fc1750b51
bce5f3326829ddac717cdae3e34ee8317318b843595a2e76f6ace86180977f5d
bd2a0b865bd8877704bae5d0802071a7da620a59190a3173ef020779b67d2de5
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c1621c49c695a43466f2c965969d87f5307967a62eda30228a1e4f923fb2b70e
c1d66928ad6759fb7f75c400f9f98e2a1a5b8683c107c3426b04e83cbed5825e
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
c48c9fb882036442809506e1290aaec09b9186d6c38f2308dfaef31c6677437e
c590aca54c4c209cf85c327fbb0588ff79aaf3767f4a5738cd9de9ac5e62d7e5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273
c71ae879b1a05ea9dd1ab5091b5ffc554087c41e1718d05f203f9b71321c5641
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647
c7d5f6634a0f8fce8d15073fe52566a01f8d0b18821728cb2372f6defbabad7a
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac9fabd6f802244da4a2c68c48005162433f6a89df5f315b137f3886e809b21
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836
ccd9a6015e8b5f982a3e135cfbf1fee3f53925720dde880567544a11a58a000f
cd62db48fe38b5f3ec0ab5eb8a38167f7fa7d360d9c73ac44439416f6f7b550d
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
cdf00f9e3a077552349eaf8c11abce651c9ae58a334821b20202d473a09ad913
ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf487f0a51b3f46d2b7dc753ce7141f2cecf3e50e0df3bdf0b23fc24e7e8e17e
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0eed6847355ded30be066907ce2a995bf769371745fa0f6d5c80007271c2d90
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4
d3731214648827ccda1150b21e10f5ff1815e0371cf902546b1f78a535e3e4ed
d40f2b4afef1f4eed946a3d960a6c88e0ec4f8bb03d7e45c24ab063488425a46
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae
d48def4cae4a07986d7ba7a0489bbe7c2d4669f2aba3d98c556e353d160d2e37
d5d7d6a6a2357829d763ffe0ae7a664dcbffb98d82b0726e130c51506fe3aaf4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d86ab98d72507329a569234e06f680d4c24d6174388faf8ab2c7b9c6102f5e8e
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9bf1380c53fadec6336158b7d5cb245a2f8a2b543837e51f04eee916d66f486
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd
dcd36419da7937e52754772f60380387c49f3243240a21f41ca6d87346f72a0e
dda7802e5d3be02ad2054fc3e8dd05ab2a9318637120997c750ab89f0af5965d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56
e0f51425326244714ce3cad94c4ee1c40c669860d10b15a734bbd5ec6af88536
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2ee4e6cab3237e279603d00e40eb3c565c199a20aeffba0e9a34e83033395
e50a52ac964562fe9c5f9a1ce02865067b270685fc85c2bb8308e73e877a1ea9
e52e9748877c5d37dda20d44b5990b8d6d961b9be111e8d3531eabda37185ec3
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209
e8e6dcb13b124bea507bcde9ea4f2c591f6c7c277e041277cb14619c6d2fd411
e917a397ab38a9f921fc4c9edc85efec8eff9896034d762898457e61d109a550
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0
eb16b8a7bf4a2c6ecc058026d46f92c95634ebba4757f58e518fd2db328723ed
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2
ee668ae90a3edf6f9b16833ea1025f3d7c10bb88e69417a6690325a8cd0c60a1
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bc367042f0949be4b4930174c39c95b78d1aa1b448a0e28eb8097575122beb
f1acbff229c00a2ef2e12fbdb8277152bb49e5027973e39b14bd22f66a180762
f2223ba3cdce251b5827734b4b97a3f918fc8829688dc351eb00b47f410a36ff
f233796ee55fd25944984755fcaea084557dd93d9e3c4d603c307966cb0f0ff3
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4922f1f24da0717dd235134de97891c5f25557741655b02f70eb5b5b7b365b5
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052
f5ef829db91a879dc98d894f7421c14487c7b26f3cc83045f84a796eed621af3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109
f7c79cdfc8317fd3bb217ed0e5c96b3d6d60ac583ce428f71b4e0e3aec776273
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97
f9b29e7257cfb5e783e10b78557c63f08b5fe7766a6dcb327d759d4fc91904ab
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a
fc82356ef7a919c86e09c2443e566fca222945e2dd484899fab2fb94e0c74cf2
fcf5f61d096c619a0cf83bd9e1bcd9cdd40db137b76111d3c2eef2d8e7fbe404
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c
ff01449b1bea94db745889e4cf6a95aca957ea1d548392c6219826cdd5763352
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2