controle.diariodocentrodomundo.com.br Open in urlscan Pro
190.89.239.238 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://controle.diariodocentrodomundo.com.br/
Submission: On October 20 via automatic, source certstream-suspicious (October 20th 2023, 11:21:42 pm UTC) — Scanned from DE

Summary HTTP 385 Redirects Links 83 Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 50 domains to perform 385 HTTP transactions. The main IP is 190.89.239.238, located in Brazil and belongs to HVC-AS, US. The main domain is controle.diariodocentrodomundo.com.br.
TLS certificate: Issued by R3 on October 20th 2023. Valid for: 3 months.

This is the only time controle.diariodocentrodomundo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	190.89.239.238 190.89.239.238	29802 (HVC-AS) (HVC-AS)
2	190.89.238.88 190.89.238.88	28209 (Under Ser...) (Under Servicos de Internet Ltda)
17	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3 25	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
14	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
8	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
8	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
8	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
24	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8 10	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.42.246.66 13.42.246.66	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
4	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	18.169.68.239 18.169.68.239	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	167.235.114.248 167.235.114.248	24940 (HETZNER-AS) (HETZNER-AS)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	8.2.108.175 8.2.108.175	46636 (NATCOWEB) (NATCOWEB)
1	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 2	2a02:2638:3::6 2a02:2638:3::6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	3.65.170.64 3.65.170.64	16509 (AMAZON-02) (AMAZON-02)
2 2	18.192.43.30 18.192.43.30	16509 (AMAZON-02) (AMAZON-02)
1 1	2.16.238.19 2.16.238.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.69.215.73 3.69.215.73	16509 (AMAZON-02) (AMAZON-02)
385	67

25 190.89.239.238 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us373.serverdo.in

controle.diariodocentrodomundo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 190.89.238.88 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br204.serverdo.in

tags.juicebarads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.diariodocentrodomundo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.16.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.27.193 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.246.66 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-246-66.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tt-11382-4.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.169.68.239 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-68-239.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.114.248 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.248.114.235.167.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::6 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.170.64 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-170-64.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.43.30 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-43-30.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-19.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.215.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-215-73.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	338 KB
45	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732	347 KB
27	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 acdn.adnxs.com — Cisco Umbrella Rank: 663	51 KB
26	diariodocentrodomundo.com.br controle.diariodocentrodomundo.com.br www.diariodocentrodomundo.com.br Failed	248 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	558 KB
14	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6260 csync.smilewanted.com — Cisco Umbrella Rank: 2991 static.smilewanted.com — Cisco Umbrella Rank: 10113	17 KB
11	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	19 KB
10	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 913	3 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 imasdk.googleapis.com — Cisco Umbrella Rank: 498 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	160 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900011.redintelligence.net — Cisco Umbrella Rank: 386054	210 KB
9	teads.tv a.teads.tv — Cisco Umbrella Rank: 1558 at.teads.tv — Cisco Umbrella Rank: 5088 sync.teads.tv — Cisco Umbrella Rank: 1584 t.teads.tv — Cisco Umbrella Rank: 3060	138 KB
9	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 6566 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	92 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	4 KB
8	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 10905	2 KB
8	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1721	5 KB
8	gstatic.com fonts.gstatic.com	162 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	614 KB
7	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 60313 d.tailtarget.com — Cisco Umbrella Rank: 68896 b.t.tailtarget.com — Cisco Umbrella Rank: 54564 tt-11382-4.seg.t.tailtarget.com t.tailtarget.com — Cisco Umbrella Rank: 8785	32 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	1000 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	121 KB
5	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 478 ssp-sync.criteo.com — Cisco Umbrella Rank: 1344 dis.criteo.com — Cisco Umbrella Rank: 648	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
4	medialead.de pv.medialead.de — Cisco Umbrella Rank: 51750	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	236 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	19 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3981 onesignal.com — Cisco Umbrella Rank: 1303	73 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1204	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1822	1 KB
2	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 2114	412 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 547	418 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	juicebarads.com tags.juicebarads.com — Cisco Umbrella Rank: 894697	44 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 620	614 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1279	106 B
1	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3356
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	481 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024	434 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 754
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	125 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	702 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	denakop.com tags.denakop.com — Cisco Umbrella Rank: 236627	101 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
385	50

	Domain	Requested by
30	pagead2.googlesyndication.com	controle.diariodocentrodomundo.com.br 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
25	ib.adnxs.com	3 redirects tags.denakop.com googleads.g.doubleclick.net acdn.adnxs.com
25	controle.diariodocentrodomundo.com.br	controle.diariodocentrodomundo.com.br
24	s0.2mdn.net	controle.diariodocentrodomundo.com.br s0.2mdn.net 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
22	tpc.googlesyndication.com	controle.diariodocentrodomundo.com.br 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
17	securepubads.g.doubleclick.net	controle.diariodocentrodomundo.com.br securepubads.g.doubleclick.net
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	onetag-sys.com	tags.denakop.com csync.smilewanted.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	prebid-us.creativecdn.com	tags.denakop.com
8	prg.smartadserver.com	tags.denakop.com
8	fastlane.rubiconproject.com	tags.denakop.com
8	prebid.smilewanted.com	tags.denakop.com
8	googleads.g.doubleclick.net	1 redirects www.youtube.com 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com pagead2.googlesyndication.com controle.diariodocentrodomundo.com.br
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	www.googletagmanager.com	controle.diariodocentrodomundo.com.br tags.juicebarads.com www.googletagmanager.com adv.office-partner.de
7	www.youtube.com	controle.diariodocentrodomundo.com.br www.youtube.com
7	cdn.ampproject.org	controle.diariodocentrodomundo.com.br securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	controle.diariodocentrodomundo.com.br
5	csync.smilewanted.com	tags.denakop.com csync.smilewanted.com
5	hal9000.redintelligence.net	367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com hal900011.redintelligence.net
5	367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	fonts.googleapis.com	controle.diariodocentrodomundo.com.br hal900011.redintelligence.net s0.2mdn.net
4	pv.medialead.de	hal900011.redintelligence.net
4	hal900011.redintelligence.net	1 redirects 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com hal900011.redintelligence.net
4	www.googletagservices.com	367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	news.google.com	controle.diariodocentrodomundo.com.br news.google.com
3	x.bidswitch.net	2 redirects csync.smilewanted.com
3	sync.1rx.io	3 redirects
3	sync.teads.tv	a.teads.tv googleads.g.doubleclick.net
3	www.google.com	1 redirects controle.diariodocentrodomundo.com.br tpc.googlesyndication.com
3	a.teads.tv	tags.juicebarads.com a.teads.tv
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rtb.mfadsrvr.com	2 redirects
2	ssp-sync.criteo.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	sync.richaudience.com	1 redirects csync.smilewanted.com
2	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com
2	acdn.adnxs.com	tags.denakop.com
2	gum.criteo.com	tags.denakop.com
2	api.webgains.io	analytics.webgains.io
2	b.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	controle.diariodocentrodomundo.com.br d.tailtarget.com
2	us-u.openx.net	googleads.g.doubleclick.net
2	5994599.fls.doubleclick.net	1 redirects 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
2	t.teads.tv	controle.diariodocentrodomundo.com.br
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	controle.diariodocentrodomundo.com.br connect.facebook.net
2	cdn.onesignal.com	controle.diariodocentrodomundo.com.br cdn.onesignal.com
2	tags.juicebarads.com	controle.diariodocentrodomundo.com.br
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	dis.criteo.com	1 redirects
1	cm.adform.net	csync.smilewanted.com
1	us.ck-ie.com	csync.smilewanted.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	ap.lijit.com	csync.smilewanted.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	static.smilewanted.com	csync.smilewanted.com
1	t.tailtarget.com
1	tt-11382-4.seg.t.tailtarget.com	d.tailtarget.com
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	track.webgains.com	367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
1	www.awin1.com	hal900011.redintelligence.net
1	adv.office-partner.de	hal900011.redintelligence.net
1	www.google.de	controle.diariodocentrodomundo.com.br
1	at.teads.tv	a.teads.tv
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.doubleclick.net	www.youtube.com
1	www.facebook.com	controle.diariodocentrodomundo.com.br
1	onesignal.com	cdn.onesignal.com
1	tags.denakop.com	tags.juicebarads.com
1	tags.t.tailtarget.com	controle.diariodocentrodomundo.com.br
1	imasdk.googleapis.com	tags.juicebarads.com
1	fundingchoicesmessages.google.com	tags.juicebarads.com
1	www.diariodocentrodomundo.com.br	controle.diariodocentrodomundo.com.br cdn.ampproject.org
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
385	82

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
twitter.com
www.facebook.com
www.diariodocentrodomundo.com.br
www.youtube.com
www.ig.com.br

Subject Issuer	Validity	Valid
controle.diariodocentrodomundo.com.br R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
www.tags.juicebarads.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-10` - `2024-08-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-10-15` - `2024-10-14`	a year	crt.sh
diariodocentrodomundo.com.br E1	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://controle.diariodocentrodomundo.com.br/
Frame ID: 5C52F725C1CD8AFD3785243F6C1F3D0B
Requests: 204 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
Frame ID: CF3C9CC00A7AC6A617D79D082904BD26
Requests: 14 HTTP requests in this frame

Frame: https://www.diariodocentrodomundo.com.br/web-stories/os-oito-maiores-doadores-das-eleicoes-2022/
Frame ID: 7A53F4AC1D46029BF6EEAC7FA4439ED5
Requests: 1 HTTP requests in this frame

Frame: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB2D4691045B7C80506C386B1D5EA70D
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: CC6D642FE9C4EC57532C6BEEB5F48707
Requests: 1 HTTP requests in this frame

Frame: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49C7CE29588B962DDC28D4DFBC298AF3
Requests: 13 HTTP requests in this frame

Frame: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5B25487C15C325B34B99CB2CE6D0EDA
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNW_zX8Zygg-Lr1FrUWP0gYmZXfpHoMZ13cyfAtaJDiGOjIipvjl2Eg5mUvNHhHBvBKb6xnXdCJhGcOxwgX9caDXkZfGgcAsoeUBFM8tfzmIV4f8Z_5PVnRSf5-3AB6WmYRibzRlCO9MMYX-Z3-rdfbERKe0YWEuMSjsScH2gHCJwXl8xi8
Frame ID: F52F10F3C1FE49C6BE27D22A5D426ED2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUNqpHQ2ZDKWYRqi86ub0c9V5qafVinv8XRUxKa5-14VgV1mbUW_KA0_3rRBY3qMZPZL7XnMr_lckD_XFYL0QHqUAkOb3bwXv2D9teJGAOGofOyqw-WED0C3rxRu1oRphyOep1fi4N_qc0ZLMesdcOzYDgJWDXQrrmHEbJXre1NIzQyzO4
Frame ID: 31BB5F4A25EE7553FD9D84B06C23DA93
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EF97EC2C27ECBAE35AB3C84E72EBA3D9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
Frame ID: 6BD03567F08225BBA2DDD061D31ACEF0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: 419079BC078A94EA27FCDCB174847601
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 229BE6B14E0970B9EE3383D8934E498C
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 78221FDC3CD9EB7F290E131BCFF000EE
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 38422D620D12E2BAACAD3CC74972B4F4
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 8FC91E2375104325ABD78C722C95FEA0
Requests: 3 HTTP requests in this frame

Frame: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0EA83BBCAC089F66BAF63E8911AFDD73
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8
Frame ID: 8856CDA6F940A71DF757E48B7EFE772F
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22
Frame ID: 58F7DB9DE6F2B9B2E44211A8C23CBC12
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Frame ID: 36E6BBA04A123C7BBB25DA5B033E4303
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CD06A8139C293B8964EEE757081DC7E
Requests: 3 HTTP requests in this frame

Frame: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C5EDE225DDDAD42D57AA4DB1B198C2B5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E12CA8106E3F62AF6311A9360C0C1C94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C90909B559F82AA6961A2F8DDB721A0E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYifey5wEwAQ&v=APEucNX7F--bl9S4vqlpLDAGdUJ9zaKoJzf5EkKSYjHFKnr3uztEyH1xA9Nw6aFXCwjvG2Oi62vRPCxGHR8NyUgOvbNUm5lazqs9dktaMG6A_r8zq2mE1UqgiIR1A23GJOE7oPO6z88C17XBRCSOgvZWzkJ3ac66PIxJNtBq5klk3dUgY04poIs
Frame ID: C9BFF15D5A15F9B7049727A955F2A83B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DDD559C76CD0B95E86BAB1F09AA7E3CC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
Frame ID: 5B23AFD0F9B218FA7185C91F5B59764D
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D08A798B6007C6F9A2CCEBF8296B0E21
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59E550EAFFF47B6A38168B6F4BE79A73
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697844095567
Frame ID: 2D03D2A665FAB591B53B68CAFC683345
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3F5790C4E5161F703329351639A35E9B
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 9717C2D266E19BFC367A869641F6AECF
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E7843E493F27FA9FFC52F1DFB0DAE807
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 1FB1643DC738015129F7CC65495F4898
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A4A94497DFFD14A298E912CE1A27B6FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: E6DCE4C9167F91ADB1CDBEF83B9CCB05
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003
Frame ID: 53436BB2DF4A05E467DD1EBEAD97F1E7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9f3c04dd-ed34-5226-979f-d44df2acdfce
Frame ID: FBD470E1A387A8475C0A9077AF87E486
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: E0607308250F27BE6043EEBA55826982
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: B1B3F62E6B0540A950B00C1F4BA3311F
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2c301c4b-5494-4b8f-bd14-9f493f978116&ssp=criteo
Frame ID: F6D30C70D75A015874B4F57EE98D6D3D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c33a802290cbae4028c818a5bdb7b1b?gdpr_consent=&gdpr=0
Frame ID: 9B09140882A4369AFFE2BFF59D5CBC50
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 0C5339CF23977DA0F38DB133DBBBF741
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Diário do Centro do Mundo | O que interessa e nada mais

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

385
Requests

83 %
HTTPS

45 %
IPv6

50
Domains

82
Subdomains

67
IPs

12
Countries

4704 kB
Transfer

13988 kB
Size

61
Cookies

83 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/diariodocentrodomundo/

Search URL Search Domain Scan URL

URL: https://twitter.com/dcm_online

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diariodocentrodomundo/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/apoie/
Title: Apoie o DCM

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/ultimas-noticias/
Title: ÚLTIMAS

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/politica/
Title: POLÍTICA

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/brasil/
Title: BRASIL

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/mundo/
Title: MUNDO

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/midia/
Title: MÍDIA

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/comportamento/
Title: COMPORTAMENTO

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/cultura/
Title: CULTURA

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/economia/
Title: ECONOMIA

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/especiais-dcm/
Title: Especiais DCM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCutrj9cR0cNi2PfiTMGAWrA
Title: DCM TV

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/dcm-bahia/
Title: DCM Bahia

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/marco-temporal-e-vetado-por-lula/
Title: Projeto do Marco Temporal é vetado parcialmente por Lula

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/espionagem-na-abin-tinha-motivacoes-golpistas-dizem-agentes-da-pf/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/delegado-do-rio-e-preso-acusado-de-desviar-280-kg-de-cocaina/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/ministros-do-stf-e-adversarios-de-bolsonaro-foram-alvos-de-espionagem-da-abin/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/bancos-e-empresas-sofrem-ataques-ciberneticos-coordenados-por-causa-da-guerra-israel-hamas/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/primeira-ministra-da-italia-se-separa-do-marido-apos-suposta-traicao-ouca-audios/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial/parlamentar-bolsonarista-quer-apagar-obra-exu-te-ama-de-museu-no-ce/
Title: Parlamentar bolsonarista quer apagar obra “Exu te Ama” de museu no CE

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial/expulsao-de-sheherazade-pode-doer-no-bolso-da-record-entenda/
Title: Expulsão de Sheherazade pode doer no bolso da Record; entenda

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial/marilia-gabriela-e-operada-as-pressas-para-tratar-prolapso-genital/
Title: Marília Gabriela é operada às pressas para tratar prolapso genital

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial/deputada-bolsonarista-pede-aos-eua-que-cassem-o-visto-de-parlamentares-de-esquerda/
Title: Deputada bolsonarista pede aos EUA que cassem o visto de parlamentares de esquerda

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial/golpe-do-tinder-empresario-e-baleado-ao-tentar-fugir-de-cilada-em-sp/
Title: Golpe do Tinder: empresário é baleado ao tentar fugir de cilada em SP

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/tarcisio-pode-cortar-r-9-bilhoes-da-educacao-em-sp-entenda/
Title: Tarcísio pode cortar R$ 9 bilhões da Educação em SP; entenda

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/abin-fez-mais-de-30-mil-acoes-ilegais-de-espionagem-durante-governo-bolsonaro/
Title: Abin fez mais de 30 mil ações ilegais de espionagem durante governo Bolsonaro

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/video-coordenadora-do-mbl-tem-casa-pichada-em-sp-fascista/
Title: VÍDEO – Coordenadora do MBL tem casa pichada em SP: “Fascista”

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/embaixador-de-israel-e-convocado-pelo-itamaraty-apos-atacar-lula-e-o-pt/
Title: Embaixador de Israel é convocado pelo Itamaraty após atacar Lula e o PT

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/dcm-ao-meio-dia-abin-de-bolsonaro-espionou-jornalistas/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial-do-dcm-tv-eua-interceptam-misseis-lancados-por-aliados-do-ira-contra-israel-china-pede-solucao-justa/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/dcm-ao-meio-dia-governo-lula-tenta-aprovar-nova-resolucao-onu/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial-do-dcm-tv-bolsonaristas-comemoram-veto-dos-eua-a-proposta-de-paz-do-brasil/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/brasil/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/armas-roubadas-do-exercito-sao-devolvidas-pelo-comando-vermelho/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/filho-de-general-santos-cruz-e-alvo-de-operacao-da-pf-sobre-espionagem-ilegal-da-abin-de-bolsonaro/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/espionagem-ilegal-pf-apreende-us-170-mil-em-dinheiro-com-diretor-afastado-da-abin/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/analise-jornalistica/
Title: Mídia

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/comediante-egipcio-destroi-apresentador-de-tv-britanico-em-licao-sobre-israel-hamas-e-os-palestinos/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/bombardeio-de-hospital-lembra-a-mentira-de-israel-no-caso-de-jornalista-assassinada/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/jorge-pontual-diz-que-exercito-de-israel-nao-comete-crimes-de-guerra-advogados-checam-antes/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/jornalistas-da-bbc-sao-agredidos-pela-policia-de-israel/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/comportamento/
Title: Comportamento

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/a-tal-cura-gay-mata-por-erika-oliveira-de-paula/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/o-que-e-npc-febre-do-tik-tok-que-rende-dinheiro-para-quem-gosta-de-passar-vergonha/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/quem-e-wilson-aliano-o-idoso-que-ameacou-padre-julio-em-bilhete/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/o-que-larissa-manoela-e-lewis-hamilton-poderiam-ensinar-a-neymar-sobre-seu-pai-por-luan-araujo/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/mundo/
Title: Mundo

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/israel-ameaca-bombardear-hospital-com-12-mil-pessoas-diz-crescente-vermelho/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/acordo-entre-brasil-e-ue-preve-fundo-ambiental-de-r-639-bilhoes/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/israel-fechara-meios-de-comunicacao-criticos-que-supostamente-minam-seguranca-nacional/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/hamas-liberta-duas-refens-americanas-por-razoes-humanitarias/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/economia/
Title: Economia

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/preco-da-carne-deve-fechar-2023-com-a-maior-queda-desde-o-plano-real/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/bndes-ja-garantiu-r-65-bilhoes-para-apoiar-micro-pequenas-e-medias-empresas-em-2023/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/mtst-pede-taxacao-de-super-ricos-em-frente-a-empresa-de-paulo-guedes-em-sp/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/entretenimento/cultura/
Title: Cultura

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/sextou-com-bemvindo-sequeira-e-gustavo-mendes-3/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/1o-indigena-eleito-para-a-abi-krenak-reparacao-historica/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial-do-dcm-sextou-com-bemvindo-sequeira-mib/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/essencial-do-dcm-sextou-com-bemvindo-sequeira-bruce-lee/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/web-stories/os-oito-maiores-doadores-das-eleicoes-2022/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/web-stories/como-uma-eleicao-termina-no-primeiro-turno/
Title: Como uma eleição termina no primeiro turno?

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/web-stories/a-trajetoria-da-rainha-elizabeth-ii-copia/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/web-stories/a-trajetoria-de-elizabeth-ii/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/web-stories/lula-defende-legado-jornal-nacional/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/esporte/
Title: Esporte

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/video-rebeca-andrade-supera-simone-biles-e-e-ouro-no-mundial-de-ginastica-artistica/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/tentam-me-apagar-ex-juiz-alvo-de-racismo-e-banido-de-evento-afro-da-federacao-gaucha-de-futebol/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/a-demissao-correta-da-assessora-de-anielle-que-ofendeu-paulistas-e-sao-paulinos/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/sao-paulo-e-flamengo-farao-final-sob-calor-atipico-na-capital-paulista/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/categorias/especiais-dcm/
Title: crowdfundings & projetos especiais

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/relatorios-de-moro-comprovam-participacao-do-fbi-na-lava-jato/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/eua-e-ira-disputam-vaga-na-copa-do-mundo-em-jogo-com-pesada-carga-politica/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/brasil-vence-por-2-a-0-a-servia-em-sua-estreia-na-copa-do-catar-veja-os-gols/

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/03/midia-kit-dcm-2023.pdf
Title: Midia kit

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/expediente/
Title: Expediente

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/contato/
Title: Fale conosco

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/sobre/
Title: Sobre nós

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/panorama-mundial-da-internet-2015/
Title: Panorama Mundial da Internet

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/
Title: IG Último Segundo

Search URL Search Domain Scan URL

URL: https://www.diariodocentrodomundo.com.br/politica-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp

Request Chain 21

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg

Request Chain 22

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp

Request Chain 23

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp

Request Chain 24

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp

Request Chain 25

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp

Request Chain 26

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg

Request Chain 27

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg

Request Chain 28

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp

Request Chain 29

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg

Request Chain 30

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg

Request Chain 31

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp

Request Chain 32

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png

Request Chain 33

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg

Request Chain 34

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg

Request Chain 35

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg

Request Chain 36

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg

Request Chain 37

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg

Request Chain 38

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp

Request Chain 39

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png

Request Chain 40

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg

Request Chain 41

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg

Request Chain 42

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg

Request Chain 43

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png

Request Chain 44

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg

Request Chain 45

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg

Request Chain 46

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg

Request Chain 47

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp

Request Chain 48

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg

Request Chain 49

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg

Request Chain 50

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589497247_v2_900x506-jpg-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589497247_v2_900x506-jpg-600x400.webp

Request Chain 51

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg

Request Chain 52

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg

Request Chain 53

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg

Request Chain 54

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg

Request Chain 55

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg

Request Chain 56

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg

Request Chain 57

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg

Request Chain 58

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg

Request Chain 59

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg

Request Chain 60

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png

Request Chain 61

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg

Request Chain 62

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp

Request Chain 63

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp

Request Chain 64

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg

Request Chain 65

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp

Request Chain 66

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp HTTP 302
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp

Request Chain 121

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMLf903l4bfY5Ld9GQndgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMLf903l4bfY5Ld9GQndgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

Request Chain 185

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

Request Chain 212

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 225

https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 264

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiO4B26VrSyX_p4keQ_rjE&google_cver=1

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEG12jNttYzjs7uX0vB5ZdJM&google_cver=1

Request Chain 330

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIAEiwiLXTzi2-ZupoR-sCw&google_cver=1

Request Chain 380

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

Request Chain 381

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697844099242 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7579829842 HTTP 302
https://sync.1rx.io/usersync/turn/3854831900112456153?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-0441b874-5190-4856-9a1c-f22c1c229b86-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003

Request Chain 382

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7060205663746123815 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9f3c04dd-ed34-5226-979f-d44df2acdfce

Request Chain 385

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=14935f16-5647-4149-8abf-2cd0e78e872b&dised=true&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=criteo&custom_data=-3zeUV9vZDZQZmZwS1dMOFd4TU81aHBOZ0NsTDVUNlJQVHlBaERPSDVlaEVveE53dFZ3V2JMbjVWaFhRaHhhTkZlSmIxMkUzeTRja0xYclB5NGtTR2taTVE5UTRTYTNsbFo5Z2E5ekJUd0toN0hzNVQlMkZLSXZpJTJGeHpteTJnRkszaUZCY2lFREJKJTJCVmlHc1VNbDdiJTJCcUhSUFQxVlR0ZEZtS2pRMm54Y2lYMllhbDF0MXI3cUs4T1BTYmI5cFZwSWZLdGxRcw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-jSjbqz_Bi6P6Q3dJZvp3rkQZ4qy6UByh_Ic9uQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=-3zeUV9vZDZQZmZwS1dMOFd4TU81aHBOZ0NsTDVUNlJQVHlBaERPSDVlaEVveE53dFZ3V2JMbjVWaFhRaHhhTkZlSmIxMkUzeTRja0xYclB5NGtTR2taTVE5UTRTYTNsbFo5Z2E5ekJUd0toN0hzNVQlMkZLSXZpJTJGeHpteTJnRkszaUZCY2lFREJKJTJCVmlHc1VNbDdiJTJCcUhSUFQxVlR0ZEZtS2pRMm54Y2lYMllhbDF0MXI3cUs4T1BTYmI5cFZwSWZLdGxRcw&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-jSjbqz_Bi6P6Q3dJZvp3rkQZ4qy6UByh_Ic9uQ HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=9d242d4d-2bb3-4e7e-b003-36bab045c692&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=9d242d4d-2bb3-4e7e-b003-36bab045c692&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2c301c4b-5494-4b8f-bd14-9f493f978116&ssp=criteo

Request Chain 386

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c33a802290cbae4028c818a5bdb7b1b?gdpr_consent=&gdpr=0

385 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
controle.diariodocentrodomundo.com.br/ 118 KB
20 KB 934ms
631ms Document
text/html 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 13e66b6fa2fc157f6883f7eca9b1e59c460b3a1fd11e90daa01a3127af161d53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://controle.diariodocentrodomundo.com.br/wp-json/>; rel="https://api.w.org/" <https://controle.diariodocentrodomundo.com.br/wp-json/wp/v2/pages/54145>; rel="alternate"; type="application/json" <https://www.diariodocentrodomundo.com.br/>; rel=shortlink
pragma: no-cache
server: nginx/1.24.0
vary: Accept-Encoding

GET
H2 200 style.min.css
controle.diariodocentrodomundo.com.br/wp-includes/css/dist/block-library/ 95 KB
13 KB 138ms
134ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-17ced"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 classic-themes.min.css
controle.diariodocentrodomundo.com.br/wp-includes/css/ 291 B
345 B 139ms
135ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-123"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 dcm-theme-handler-public.css
controle.diariodocentrodomundo.com.br/wp-content/plugins/dcm-theme-handler/public/css/ 98 B
221 B 139ms
135ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/dcm-theme-handler/public/css/dcm-theme-handler-public.css?ver=1.0.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
last-modified: Thu, 08 Sep 2022 04:05:53 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "63196a21-62"
content-length: 98
content-type: text/css

GET
H2 200 front.min.css
controle.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 262ms
258ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.2
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 14:57:14 GMT
server: nginx/1.24.0
etag: W/"64f0aa4a-14d6"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 js_composer.min.css
controle.diariodocentrodomundo.com.br/wp-content/plugins/js_composer/assets/css/ 474 KB
45 KB 263ms
259ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 521457922129a04fbc4524021ac47021659a1e1931c5dfe1a0e13be5dcaaefba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 12:50:25 GMT
server: nginx/1.24.0
etag: W/"623b1791-76891"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 main.css
controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/styles/ 300 KB
34 KB 273ms
269ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/styles/main.css
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 26218cb3014fd037f084f500adf0a20fd3d8f47fc1c05a3b911d54dbdb869aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 05:44:49 GMT
server: nginx/1.24.0
etag: W/"6316de51-4ae69"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/jquery/ 88 KB
31 KB 391ms
388ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-15ed7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/jquery/ 13 KB
5 KB 400ms
397ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-3470"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 dcm-theme-handler-public.js Show response
controle.diariodocentrodomundo.com.br/wp-content/plugins/dcm-theme-handler/public/js/ 838 B
624 B 401ms
398ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/dcm-theme-handler/public/js/dcm-theme-handler-public.js?ver=1.0.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 04:05:53 GMT
server: nginx/1.24.0
etag: W/"63196a21-346"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 diariodocentrodomundo.js Show response
tags.juicebarads.com/js/ 76 KB
22 KB 243ms
227ms Script
application/javascript 190.89.238.88
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=1697844092&ver=6.2

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.89.238.88 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),

Reverse DNS

br204.serverdo.in

Software

nginx /

Resource Hash

4dfd6dba6688605c98bc2a7b75895f83f13d0fea3384613001a845cdde222c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	âDENYâ
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 19 Oct 2023 18:35:59 GMT
server: nginx
content-encoding: gzip
etag: W/"6531770f-12e9e"
vary: Accept-Encoding
x-frame-options: âDENYâ
content-type: application/javascript
x-xss-protection: 1; mode=block

GET style.css
www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/ 0
0

GET
H2 200 diariodocentrodomundo.js Show response
tags.juicebarads.com/js/ 76 KB
22 KB 687ms
224ms Script
application/javascript 190.89.238.88
Under Servicos de...

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.juicebarads.com/js/diariodocentrodomundo.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.89.238.88 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),

Reverse DNS

br204.serverdo.in

Software

nginx /

Resource Hash

4dfd6dba6688605c98bc2a7b75895f83f13d0fea3384613001a845cdde222c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	âDENYâ
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 19 Oct 2023 18:35:59 GMT
server: nginx
content-encoding: gzip
etag: W/"6531770f-12e9e"
vary: Accept-Encoding
x-frame-options: âDENYâ
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 114ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8410d6e14af3dedaee1f2e1607413f7e0425e0994f15820235bfffffb0f59b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29209
x-xss-protection: 0
server: cafe
etag: 419 / 19650 / 31078968 / config-hash: 4808689989001815818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:33 GMT

GET
H2 200 swg-basic.js Show response
news.google.com/swg/js/v1/ 246 KB
71 KB 111ms
28ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-basic.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cf859681c6d2bc6c8329066a7639ec52932f654e43a161b4a7af96fc7237ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72296
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 00:02:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 00:10:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
902 B 95ms
34ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald:wght@400;500&display=swap

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

925af85c767a5f924eaa2f39a50ebeac3957791ca9860c4f025d356604c11ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 23:21:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 23:21:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 94ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1378a98d9f8a65ca651ebf805935ecd6ce3cbc433b9ea4ea9feea97487d42d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 22:51:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 23:21:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
529 B 99ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 21:38:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 23:21:33 GMT

GET
H2 200 logo-dcm.png
controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/ 10 KB
10 KB 401ms
399ms Image
image/png 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/logo-dcm.png
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: e8e5cf0256c8aaa31bc7c44b0a98d9372a3a8891350494b18e1d5fd85dee188b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
last-modified: Tue, 06 Sep 2022 05:44:49 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "6316de51-280c"
content-length: 10252
content-type: image/png

GET
H2 200 logo-dcm-mobile.png
controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/ 5 KB
5 KB 401ms
399ms Image
image/png 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/logo-dcm-mobile.png
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 12361e37780b64baaf947147ddcb46d7377e0c2f1d17a3751d3b7dfd878bdabf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
last-modified: Tue, 06 Sep 2022 05:44:49 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "6316de51-1538"
content-length: 5432
content-type: image/png

GET
H2 200 search-form-icon.png
controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/ 407 B
532 B 127ms
127ms Image
image/png 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/images/search-form-icon.png
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 2fcd2d5345742ca74d01b6c75ed42853d2cc9e2beab67d80825c9f4887df8516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
last-modified: Tue, 06 Sep 2022 05:44:49 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "6316de51-197"
content-length: 407
content-type: image/png

GET

tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp

0
0

GET

stuckert-lula-reproducao-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg

0
0

GET

renato-mariano-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp

0
0

GET

abin-pf-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp

0
0

GET

israel1-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp

0
0

GET

giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp

0
0

GET

exuteama-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg

0
0

GET

record_rachel-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg

0
0

GET

marilia-gabriela-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp

0
0

GET

169772543965313bff41412_1697725439_3x2_lg-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg

0
0

GET

golpe-do-tinder-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg

0
0

GET

tarcisio-de-freitas-7-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp

0
0

GET

amanda-pichada-600x400.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png

0
0

GET

zonshine-e-bolsonaro-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg

0
0

GET

dcm-ao-meio-dia-8-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg

0
0

GET

essencial_1910-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg

0
0

GET

dcm-ao-meio-dia-7-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg

0
0

GET

essencial_1810-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg

0
0

GET

104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp

0
0

GET

ocinpasnca-600x400.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png

0
0

GET

1697806296653277d80f821_1697806296_3x2_md-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg

0
0

GET

45465_1697616623-600x400.jpeg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg

0
0

GET

shireen-abu-akleh-morte-al-jazeera-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg

0
0

GET

screenshot-2023-10-14-at-20-07-56-600x400.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png

0
0

GET

foto_destaque-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg

0
0

GET

karoleller001-jpeg-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg

0
0

GET

npc_1-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg

0
0

GET

idoso-18-600x400-1.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp

0
0

GET

o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg

0
0

GET

al-quds-hospital-gaza-20102023153400647-600x400.jpeg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg

0
0

GET

120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589497247_v2_900x506-jpg-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589...
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-168658949724...

0
0

GET

netanyahu-600x400.jpeg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg

0
0

GET

20231020145446437983a-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg

0
0

GET

friboi-canada-carnes-premium-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg

0
0

GET

bndes-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg

0
0

GET

mtst-protesto-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg

0
0

GET

essencial_1310-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg

0
0

GET

ailton-krenak-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg

0
0

GET

essencial-2-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg

0
0

GET

essencial-dcm-1-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg

0
0

GET

rebeca-ouro-600x400.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png

0
0

GET

25424663-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg

0
0

GET

assessora-anielle-sao-paulo-flamengo-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp

0
0

GET

copadobrasil-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp

0
0

GET

capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg

0
0

GET

2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp

0
0

GET

richarlison-563580-600x400.webp
www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/
Redirect Chain

https://controle.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp
https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp

0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 111ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2baed425dd0f5479f5a6b0d55d4d485466c3550b7ce4ee546ac8bdad1ed156cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65206
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 22:18:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 web-stories-carousel.css
controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/css/ 2 KB
836 B 137ms
137ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/css/web-stories-carousel.css?ver=138af3cab395c6a9a527
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: b5e98a07cf259dab27425ba4955f304c780f9ba143bf6f49299db4e426b91361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:51:41 GMT
server: nginx/1.24.0
etag: W/"64627f3d-6fa"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 web-stories-list-styles.css
controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/css/ 13 KB
3 KB 140ms
140ms Stylesheet
text/css 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/css/web-stories-list-styles.css?ver=1.32.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 4d60785fbe6224b14b175bbfdd66dba285ecf8a450e2d9a1caf70a96d81c0dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:33 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:51:41 GMT
server: nginx/1.24.0
etag: W/"64627f3d-321d"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 amp-story-player-v0.css
cdn.ampproject.org/ 1 KB
1 KB 114ms
34ms Stylesheet
text/css 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 23:21:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 433
x-xss-protection: 0
server: sffe
etag: "6562de6f4aaa40a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 front.min.js Show response
controle.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 200ms
190ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.10
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2023 14:57:14 GMT
server: nginx/1.24.0
etag: W/"64f0aa4a-21fc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main.js Show response
controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/scripts/ 323 KB
55 KB 149ms
148ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/themes/v2-dcm/dist/scripts/main.js
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: c710fc3285d3e2038d27dafe77e59956ecb61a69f18d28c0957eabd9b4abdd88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 05:44:49 GMT
server: nginx/1.24.0
etag: W/"6316de51-50c49"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 106ms
36ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1687
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8194ff74e9a39186-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 23:21:34 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/ 8 KB
3 KB 139ms
138ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-1feb"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 regenerator-runtime.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/ 6 KB
3 KB 150ms
134ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:48:52 GMT
server: nginx/1.24.0
etag: W/"64627e94-19cf"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/ 17 KB
7 KB 155ms
138ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 01:39:38 GMT
server: nginx/1.24.0
etag: W/"638562da-459f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 dom-ready.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/ 498 B
476 B 156ms
139ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 01:39:38 GMT
server: nginx/1.24.0
etag: W/"638562da-1f2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 hooks.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/ 5 KB
2 KB 157ms
141ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 01:39:38 GMT
server: nginx/1.24.0
etag: W/"638562da-132e"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 i18n.min.js Show response
controle.diariodocentrodomundo.com.br/wp-includes/js/dist/ 10 KB
4 KB 158ms
142ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 01:39:38 GMT
server: nginx/1.24.0
etag: W/"638562da-27f6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 web-stories-carousel.js Show response
controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/js/ 10 KB
4 KB 159ms
143ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/js/web-stories-carousel.js?ver=138af3cab395c6a9a527
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: ac63b4552bdf253714da1c00ea927ea09d4d84cf7687ea1b1cfb3685405774b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:51:41 GMT
server: nginx/1.24.0
etag: W/"64627f3d-28d4"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 amp-story-player-v0.js Show response
cdn.ampproject.org/ 55 KB
17 KB 50ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55e737d40b9f3f5a5ee5d0e9d12c87dbe40bfbb4577d133afc28d887259ed918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 23:21:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16798
x-xss-protection: 0
server: sffe
etag: "395d58df5be55e02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 web-stories-lightbox.js Show response
controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/js/ 2 KB
896 B 160ms
144ms Script
application/javascript 190.89.239.238
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://controle.diariodocentrodomundo.com.br/wp-content/plugins/web-stories/assets/js/web-stories-lightbox.js?ver=01e950ce1c78d799dd67
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.89.239.238 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS: us373.serverdo.in
Software: nginx/1.24.0 /
Resource Hash: 40b0a6be42af90a7fb8c962e05f445731656fcb9496b5f0ceeeb49606775d38f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
last-modified: Mon, 15 May 2023 18:51:41 GMT
server: nginx/1.24.0
etag: W/"64627f3d-89f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 93ms
28ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 23:21:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: naA+gXUMxQRa/4sbGzBNlIqSnl4FD8v9yskb6DLubsXvWyyn14ykgsPW6kKyW+rJM2q+Wmt8sUZV8plrSeDxdA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 NZPi-h08p14 Show response
www.youtube.com/embed/ Frame CF3C 84 KB
39 KB 142ms
72ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edd9e84c61af433a486d16d1ffa3d0283829039adaeb70256f7f202cf6a7269f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 129ms
67ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Oswald:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.diariodocentrodomundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:18:31 GMT
x-content-type-options: nosniff
age: 82983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 00:18:31 GMT

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/ 18 KB
18 KB 144ms
83ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.diariodocentrodomundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:22:58 GMT
x-content-type-options: nosniff
age: 176316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 22:22:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 88ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controle.diariodocentrodomundo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 104621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:17:53 GMT

GET
DATA 200
OK truncated
/ 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428669244dc25878dc92d727b1caef42384c54305988196073497ec7b082ec53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 50ms
49ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1792
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8194ff7529c49186-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 23:21:34 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/dd34ec3d/ Frame CF3C 379 KB
48 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49033
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 21:47:36 GMT

GET
H2 200 301448060382165 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 165ms
155ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301448060382165?v=2.9.135&r=stable&domain=controle.diariodocentrodomundo.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fcaabad50df154a36d8d74eb5e73d957e961bab7b962b754ab83ea8fbcd70365

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 20 Oct 2023 23:21:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: DcdF+99jeobRxNb2cW+lQupbuEjfVIzeK66jrazADFeSoNrygnDwBauHmRcqUpMEk2njHUZmaLrxs0GeBhDvFw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dca04c94ca9ce00ac27f8035781270aaefe1a48597cf9dc3cc0cd71845b254b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF3C 15 KB
15 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 578065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF3C 15 KB
15 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 93299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 21:26:35 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/ Frame CF3C 54 KB
17 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67b27d97ce1d287bd6b2fa55e6e5ce400e37444754afb6746e0f17a45643d024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:36:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17010
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:36:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/ Frame CF3C 318 KB
95 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97482
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Oct 2024 23:05:17 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/ Frame CF3C 3 MB
801 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14fe12ab7033abf1ec82fbd6c7dedaf36998f5718010b37a99cc26147441651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 819909
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 01:52:21 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Oct 2024 07:36:14 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 31ms
30ms Other
image/svg+xml 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 00:10:12 GMT

GET
H2 200 swg-mini-prompt.css
news.google.com/swg/js/v1/ 3 KB
3 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-mini-prompt.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64756c19bee5e8d01058b314e7d783f74489b1c667f8db67010d05cca73a8bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:19:42 GMT
x-content-type-options: nosniff
age: 112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2717
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 21:44:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 00:09:42 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 31ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg-basic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 23:55:26 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 421 KB
132 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:57:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41068
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135205
x-xss-protection: 0
server: cafe
etag: 9147680799068891735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 19 Oct 2024 11:57:06 GMT

GET
H2 200 pub-5822243610880583 Show response
fundingchoicesmessages.google.com/i/ 20 KB
9 KB 151ms
47ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dc499b26f68e4b89e16f0d8b28f43fc7b7e7fd9b92e067558af0491e41543c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLlq_D2iD6FSdBKUBQHowA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-uLlq_D2iD6FSdBKUBQHowA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 46ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-48

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71c7f8038f75b230b714c7ad28ae8ef1b2b1deace85e39b8abdf484a85de8dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69211
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 22:18:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 91ms
25ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 21:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5512
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 20 Oct 2023 23:49:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 87ms
84ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43c0740c9a5980492d28922f3ef96c7a0fab1fd229fd02fe6ee7cc36cfa81d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69224
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 22:18:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 131ms
36ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b62fdeda07eb6006a6c2cd6ca5c103f7eabb0d28409ef2d2609f4d5898029f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127115
x-xss-protection: 0
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 77ms
74ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B73ZLD4M4

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27d2fa812fb99bf6f044e7c9cb32d5816237ca7866b1aaab76634e7da375ae88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92804
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B73ZLD4M4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

934ae5f5f7098e352b9234af02536e15fdf15465695230d5ecdee84a09f36a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 23:21:34 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 15 KB
15 KB 122ms
31ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 22:54:13 GMT
via: 1.1 google
age: 1641
x-guploader-uploadid: ADPycdtDjnxhTjDpLBUiA8v20K7tJRpXZp4RxnWbQ0YZmGATu8s_BGsatD8sDJz0SnLeQwKZxM0
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15001
last-modified: Thu, 19 Dec 2019 17:12:55 GMT
server: nginx/1.8.1
etag: W/"0aa924c986b60c68345be2b644a237df"
vary: Accept-Encoding,Accept-Encoding
x-goog-generation: 1576775575233105
x-goog-hash: md5=CqkkyYa2DGg0W+K2RKI33w==
content-type: application/javascript
warning: 214 UploadServer gunzipped
cache-control: max-age=7200,public
x-goog-stored-content-length: 6184
expires: Sat, 21 Oct 2023 00:54:13 GMT

GET
H2 200 tag Show response
a.teads.tv/page/138813/ 692 B
748 B 172ms
55ms Script
application/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/138813/tag
Requested by: Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1a299824fc7f40c9ec86c226229c219b24db0a16f151daddc070a1ffbe86d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, no-store
access-control-allow-credentials: true
content-length: 439
expires: 0

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 146ms
29ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: DW6CS3GRFDYFAPE5
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: kjfwGafZWJoh+7JvZO6u91SkNxsQKboqL8MqaF7LxOPoGFUYjHU8LWnb8yNVWKQ7mNuG8J6C0NU=

GET
H2 200 prebid.js Show response
tags.denakop.com/ 323 KB
101 KB 125ms
44ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 03 Oct 2023 13:24:20 GMT
server: cloudflare
age: 2224
cf-polished: origSize=330936
etag: W/"651c1604-50cb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 8194ff775bca1e20-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 /
www.diariodocentrodomundo.com.br/web-stories/os-oito-maiores-doadores-das-eleicoes-2022/ Frame 7A53 0
0 37ms
33ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/web-stories/os-oito-maiores-doadores-das-eleicoes-2022/

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 8194ff772e9f367f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 20 Oct 2023 23:21:34 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpQw1BwB7JcgGvOtt%2BtjXiGPGI02rKsX2ZdJl%2BuiLTEfHBpc6LXe34p1m9KirPEYB59S0hKgKi612NAXAdNMN%2FeM%2FEAwJ4qPgjEj3uL6UQQGVuzqq02Y7oKsd5YE1bZYoFNx4Lo7xprpB0IWuYfyfSLCttZk8aMmZfxhE9wrpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0150d19a-6edc-47ef-8a9e-748418205bcb/ 3 KB
2 KB 88ms
79ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0150d19a-6edc-47ef-8a9e-748418205bcb/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4bbfd08bfee535925b22f07083828c3e7f2713dd217723ccf245855c816cae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 39532472-c58a-420f-ba63-82f783500192
x-runtime: 0.030555
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a4bbfd08bfee535925b22f07083828c3"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8194ff773b0e9186-FRA
access-control-allow-headers: SDK-Version
expires: Sat, 21 Oct 2023 00:21:34 GMT

GET article
news.google.com/swg/_/api/v1/publication/CAowx6PTAQ/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 105ms
25ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301448060382165&ev=PageView&dl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&rl=&if=false&ts=1697844094663&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.2.1697844094658.43356487&ler=empty&it=1697844094327&coo=false&rqm=GET

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 20 Oct 2023 23:21:34 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
222 B 31ms
30ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1113268360&t=pageview&_s=1&dl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Centro%20do%20Mundo%20%7C%20O%20que%20interessa%20e%20nada%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1878000197&gjid=974487599&cid=9135856.1697844095&tid=UA-33507983-1&_gid=117015083.1697844095&_r=1&gtm=457e3ai0&jsscut=1&z=1365946959

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0GMVBG1EJ0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175164381-48&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c36ce5a76d55685349b01392b4bd0d6498ae8aa10ab3faa101c12abd6032a57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 23:21:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 31ms
30ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1113268360&t=pageview&_s=1&dl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Centro%20do%20Mundo%20%7C%20O%20que%20interessa%20e%20nada%20mais&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=2140713703&gjid=1369825657&cid=9135856.1697844095&tid=UA-175164381-48&_gid=117015083.1697844095&_r=1&gtm=457e3ai0&jsscut=1&z=1905468904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
269 B 89ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1B73ZLD4M4&gtm=45je3ai0&_p=1113268360&cid=9135856.1697844095&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697844094&sct=1&seg=0&dl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&dt=Di%C3%A1rio%20do%20Centro%20do%20Mundo%20%7C%20O%20que%20interessa%20e%20nada%20mais&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1B73ZLD4M4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CF3C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

31ms
31ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f28075f0d2173e6f50b8284df5640d812b4dc54c3df8c8ea7d6dd2e18045212c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CF3C 29 B
495 B 84ms
25ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:10:58 GMT
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 23:25:58 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 785 B
421 B 172ms
171ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&didk=99964827&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844094990&lmt=1697836894&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddm-sticky%26sm%3Ds&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=1423113870&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a56bcc6c88f8ea1cff6038a12d43cabbd2b2c7110ba65b1c70eaba9810339c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 390
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
44 KB 400ms
398ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=2&didk=2163510028&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095001&lmt=1697836895&adxs=436&adys=570&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1156x7341&msz=1156x0&fws=4&ohw=1156&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque1%26sm%3Dhs&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2394117401&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d6a1f19c12d9d259da56a23d3e4a916e9271fc94dccc76283faff9d41d88ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44721
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 669 B
316 B 1562ms
1560ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=3&didk=2163510019&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095006&lmt=1697836895&adxs=436&adys=1296&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1156x7341&msz=1156x0&fws=4&ohw=1156&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque2%26sm%3Dhs&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2394117402&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57cdbb0a6b271d86d09ed5249d68f79c89d5a6374617d3638bd0cb5805002eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 669 B
314 B 1102ms
1099ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=4&didk=2163510017&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095010&lmt=1697836895&adxs=436&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1600x7730&msz=1600x0&fws=4&ohw=1600&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque4%26sm%3Dhs&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2394117404&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fef9838a1003469b20bf86b0afeca5fc05e2cd8d3df0d9a5e9f49031dee655b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 669 B
314 B 2381ms
2379ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=5&didk=2163510016&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095016&lmt=1697836895&adxs=633&adys=2044&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=786x1530&msz=786x0&fws=4&ohw=786&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque5%26sm%3Dhs&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2394117405&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2706e6221a4318c1f6619b2f12a91ef0ef1a1e35ed4fc80c712bad4150dd65af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 837ms
835ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=6&didk=2163510023&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095020&lmt=1697836895&adxs=436&adys=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1156x7341&msz=1156x0&fws=4&ohw=1156&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque6%26sm%3Dhs&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2394117406&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b5ccd1cb8a249619c226134717f26917e1128581168f53c85444e91d58c628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12317
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 526ms
524ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=7&didk=2163510022&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095024&lmt=1697836895&adxs=315&adys=6677&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=1180x465&msz=1180x0&fws=4&ohw=1180&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-h-destaque7&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2869542278&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09fbb1f1381cc674ed6b74acd5105650e48a7a1fea516ba565dcd0da2d6c0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11350
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 670 B
316 B 1001ms
999ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&ifi=8&didk=3118911255&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095027&lmt=1697836895&adxs=1043&adys=4354&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=393x32&msz=369x0&fws=4&ohw=369&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-v-sidebar1%26sm%3Dv&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3554615778&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5216a322dfa08421ebd4f0babbc897fec99c1f7986160d186ea1a5f05a54524f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
42 KB 1518ms
1517ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&ifi=9&didk=3118911252&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095029&lmt=1697836895&adxs=1043&adys=4869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=393x66&msz=369x0&fws=4&ohw=369&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-v-sidebar2%26sm%3Dv&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3554615781&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79a0921b50081da5c22158e4db8951b89ad58f15376361ee088a8b7e320bda45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42710
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 670 B
319 B 1836ms
1835ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&ifi=10&didk=3118911253&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095032&lmt=1697836895&adxs=1043&adys=5350&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=393x66&msz=369x0&fws=4&ohw=369&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-v-sidebar3%26sm%3Dv&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3554615780&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407a46751cc60c55c068435c9799b842708c649ab9be7f6927ee908f6da44f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 670 B
319 B 2510ms
2509ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x250%7C320x100%7C320x50%7C336x280&ifi=11&didk=3118911259&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095034&lmt=1697836895&adxs=1043&adys=6709&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=393x32&msz=369x0&fws=4&ohw=369&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmh-v-sidebar5%26sm%3Dv&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=3554615782&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddc9471391b336ab6faac513afe0050a5c7fed6df3f0d493aaae1ec3703f1ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
44 KB 2207ms
2206ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=12&didk=995144103&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697844095038&lmt=1697836895&adxs=1292&adys=850&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Dslider-display&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=1564916552&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5235b988a6645ae51438321d31116c73a5cf77ac55872fec21b8a010b2bce676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44567
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
630 B 1698ms
1697ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1995642666070047&correlator=4302985125099126&eid=31078704%2C31078968%2C44780988&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=13&didk=2128088992&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1697844095041&lmt=1697836895&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=9135856.1697844095&ga_sid=1697844095&ga_hid=1113268360&ga_fc=true&dlt=1697844093204&idt=1477&prev_scp=site%3Ddiariodocentrodomundo%26place%3Dinterstitial&cust_params=Version%3D1.02%26Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&adks=2830558046&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52389d001078a8434fb5aef3beb0c7d15e903689e9a03c3ff35eae852cb42fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 599
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB2D 6 KB
3 KB 126ms
35ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Sat, 19 Oct 2024 23:21:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 39 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl_page_level_ads.js?cb=31078968

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be54ae5622032190074e9e9cec319c271b61e167e748f5a4f4a304f2ef076276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45839
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13711
x-xss-protection: 0
server: cafe
etag: 773289337334620219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 19 Oct 2024 10:37:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
364 B 102ms
34ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33507983-1&cid=9135856.1697844095&jid=1878000197&gjid=974487599&_gid=117015083.1697844095&_u=YEBAAUAAAAAAACAAI~&z=758151921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 91ms
31ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 20 Oct 2023 23:21:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CF3C 69 KB
32 KB 39ms
38ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d1b649bacba7f53095d874438328c45a0d568142cd42715f2aeb0c4cedb41c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32155
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame CF3C 0
19 B 31ms
31ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=rjSfHW0FS4YUwR3B&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C230596%2C84737%2C19570%2C6118%2C9541%2C1089%2C5877%2C394%2C3200%2C26436294%2C4054%2C1253%2C677%2C5180%2C9369%2C820%2C737%2C2040%2C564%2C6665%2C859&cl=573668619&seq=1&event=streamingstats&docid=NZPi-h08p14&qclc=ChByalNmSFcwRlM0WVV3UjNCEAE&embargoed=0&cbr=Chrome&cbrver=118.0.5993.88&c=WEB_EMBEDDED_PLAYER&cver=1.20231015.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZVp4bHlaVFcxOCj-lsypBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697844094878&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1156%2C650&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CF3C 376 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74e77fe8f0569d056bff926b617a05cd49096105b204974f7f3e3e29a4387004

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
360 B 157ms
60ms Fetch
text/plain 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_16210&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:35 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 20 Oct 2023 23:21:35 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 579 KB
132 KB 29ms
28ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/138813/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a609604e115bdb416bb719acef9d33a6aae34f2b84773ea21b77b77bc412e17e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
last-modified: Thu, 19 Oct 2023 09:07:20 GMT
x-amz-request-id: WEGGCYJ46W71606V
etag: "eebcd2bbcd067fef674e6dd96965075a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 6
accept-ranges: bytes
content-length: 135009
x-amz-id-2: +0ZrLvRgBurIRk+wrofS9/7PGEoLMQ1EDzRkG8IaZ1iEM281JxUIBePMH57G1IvLVpO5/v0mehc=
expires: Fri, 20 Oct 2023 23:51:35 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 108ms
30ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33507983-1&cid=9135856.1697844095&jid=1878000197&_u=YEBAAUAAAAAAACAAI~&z=1378339209

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 110ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33507983-1&cid=9135856.1697844095&jid=1878000197&_u=YEBAAUAAAAAAACAAI~&z=1378339209

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
597 B 122ms
39ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: 2d24f493-9c53-49a2-8e8a-da9812c45cba
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
324 B 159ms
77ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff7c2b03bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
385 B 109ms
30ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 410 B
1 KB 159ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=87e8081747641e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6807103025964343
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c7f24581886a29315322852f5c1209364bd0487420c70b789401aa40305402df

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:35 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 410
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 326ms
118ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
200 B 395ms
162ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:35 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
599 B 109ms
36ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: 306770d8-9957-403c-953d-09918bf90477
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
31ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 20 Oct 2023 23:21:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CF3C 90 B
134 B 41ms
39ms XHR
application/json+protobuf 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

952602edcfc95b77e6ee3aeacba2189bbae39d09673c7cc52bca2bdd70697828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 31ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0GMVBG1EJ0&gtm=45je3ai0&_p=1113268360&cid=9135856.1697844095&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1697844095&sct=1&seg=0&dl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&dt=Di%C3%A1rio%20do%20Centro%20do%20Mundo%20%7C%20O%20que%20interessa%20e%20nada%20mais&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GMVBG1EJ0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame CC6D 325 B
477 B 138ms
49ms Document
text/html 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Fri, 20 Oct 2023 23:21:35 GMT
pragma: no-cache
server: pekko-http/1.0.0

GET
H2 200 track
t.teads.tv/ 23 B
104 B 217ms
66ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=42175519-1b6e-42c0-a108-69a4c7a6068f&pageId=138813&pid=152303&debug_metadata=aALShi0UDt&fv=1272&ts=1697844095524&f=1&referer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 217ms
67ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=42175519-1b6e-42c0-a108-69a4c7a6068f&pageId=138813&pid=152303&fv=1272&ts=1697844095532&f=1&referer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 20 Oct 2023 23:21:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 container.html Show response
367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49C7 6 KB
3 KB 29ms
23ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Sat, 19 Oct 2024 23:21:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5B2 6 KB
3 KB 24ms
22ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Sat, 19 Oct 2024 23:21:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F52F 624 B
246 B 38ms
36ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNW_zX8Zygg-Lr1FrUWP0gYmZXfpHoMZ13cyfAtaJDiGOjIipvjl2Eg5mUvNHhHBvBKb6xnXdCJhGcOxwgX9caDXkZfGgcAsoeUBFM8tfzmIV4f8Z_5PVnRSf5-3AB6WmYRibzRlCO9MMYX-Z3-rdfbERKe0YWEuMSjsScH2gHCJwXl8xi8

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Fri, 20 Oct 2023 23:21:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 49C7 111 KB
39 KB 106ms
22ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Origin: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 16:21:57 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 49C7 7 KB
3 KB 107ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 49C7 23 KB
9 KB 97ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 49C7 41 KB
14 KB 103ms
28ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:02:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 49C7 3 KB
1 KB 102ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 16:56:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 49C7 20 KB
9 KB 96ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 49C7 42 B
107 B 130ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn0JyTWWdpnNJaCU0T3Fs3PCzmVCGeTaRAOJMsZcZ3itZ349APnUG1VaknN1vHAXW32UCJsfNZ_sie2Ah2fTLMsyQ7y2JDfLAZvkz1iOuSo5A4pxA

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49C7 187 KB
59 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31BB 624 B
242 B 43ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUNqpHQ2ZDKWYRqi86ub0c9V5qafVinv8XRUxKa5-14VgV1mbUW_KA0_3rRBY3qMZPZL7XnMr_lckD_XFYL0QHqUAkOb3bwXv2D9teJGAOGofOyqw-WED0C3rxRu1oRphyOep1fi4N_qc0ZLMesdcOzYDgJWDXQrrmHEbJXre1NIzQyzO4

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D5B2 89 KB
31 KB 70ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:35 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B2 42 B
173 B 89ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlqYlpTcM9eTgZjpzrukw9we7QXEB5bcRGm7VCL5ytWgeAzPOsDtpaOrEO_45VW19jlB5l-eOfK-cSlBH7PyDWhwGINfnbiPqM4FAwtSBJzwLrrMY

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B2 0
58 B 90ms
57ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=291390578648600767&x=1&ct=77

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D5B2 3 KB
1 KB 80ms
47ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 16:56:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame D5B2 20 KB
8 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5B2 187 KB
59 KB 108ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:35 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F52F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

43 B
341 B

57ms
55ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNW_zX8Zygg-Lr1FrUWP0gYmZXfpHoMZ13cyfAtaJDiGOjIipvjl2Eg5mUvNHhHBvBKb6xnXdCJhGcOxwgX9caDXkZfGgcAsoeUBFM8tfzmIV4f8Z_5PVnRSf5-3AB6WmYRibzRlCO9MMYX-Z3-rdfbERKe0YWEuMSjsScH2gHCJwXl8xi8
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=es0SF6XlqbxbARDE%2FvuuBs%2FZHFCqgQc%2FzLBcBJP9LyFEVFNeUv7S%2Fpj9nbL1G2VqvFB9YRRbMxOq1A0wGEDqMwDaxh05h3HppJpOujIef%2Fz3ybR2bVmmrAYrAhc92XDGwoTbrvzPHilEZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8194ff7f4f8f2c2a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F52F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMLf903l4bfY5Ld9GQndgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

43 B
771 B

63ms
56ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNW_zX8Zygg-Lr1FrUWP0gYmZXfpHoMZ13cyfAtaJDiGOjIipvjl2Eg5mUvNHhHBvBKb6xnXdCJhGcOxwgX9caDXkZfGgcAsoeUBFM8tfzmIV4f8Z_5PVnRSf5-3AB6WmYRibzRlCO9MMYX-Z3-rdfbERKe0YWEuMSjsScH2gHCJwXl8xi8
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRQlkcE5yijuTw36zk72YzTZvR%2FoDmlo%2BHeUyykDX1vWf1mJnqR%2FhD1%2Bfw7idL4iMluM7F1jN5ZGD9m3VfkrSg4WtejN8d%2FMSEVBHuVSfQ6gLqRy4eqkvDaUrHMVruQkcnuuY6iwvZRf4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8194ff80283c4db6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F52F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

43 B
841 B

66ms
65ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNW_zX8Zygg-Lr1FrUWP0gYmZXfpHoMZ13cyfAtaJDiGOjIipvjl2Eg5mUvNHhHBvBKb6xnXdCJhGcOxwgX9caDXkZfGgcAsoeUBFM8tfzmIV4f8Z_5PVnRSf5-3AB6WmYRibzRlCO9MMYX-Z3-rdfbERKe0YWEuMSjsScH2gHCJwXl8xi8

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: 76e18e38-c30f-43a6-b027-cc2bd6a32473
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F52F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

170 B
232 B

73ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: b5f244a4-e2bf-40dd-82c7-6eecbb032347
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 31BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

43 B
325 B

59ms
58ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUNqpHQ2ZDKWYRqi86ub0c9V5qafVinv8XRUxKa5-14VgV1mbUW_KA0_3rRBY3qMZPZL7XnMr_lckD_XFYL0QHqUAkOb3bwXv2D9teJGAOGofOyqw-WED0C3rxRu1oRphyOep1fi4N_qc0ZLMesdcOzYDgJWDXQrrmHEbJXre1NIzQyzO4
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kpitz%2Bfsrju2F4ea%2Fua6ush1%2FcZ8t27pQSCcPmP3%2FpGZgOaWCsa3UnZ2v6qW1TMGOqbR93cocxPXng27HGRjM9c7XP5YPdNwm5zQv1hG4FFkNumw0blppQYr7td7VxSRUi64uswMTxGurQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8194ff7f4f902c2a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMLf903l4bfY5Ld9GQndgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1

43 B
735 B

71ms
64ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUNqpHQ2ZDKWYRqi86ub0c9V5qafVinv8XRUxKa5-14VgV1mbUW_KA0_3rRBY3qMZPZL7XnMr_lckD_XFYL0QHqUAkOb3bwXv2D9teJGAOGofOyqw-WED0C3rxRu1oRphyOep1fi4N_qc0ZLMesdcOzYDgJWDXQrrmHEbJXre1NIzQyzO4
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uV7SOMmoO0Ux9QH7rkZlOeWJb%2BBinmzMQ7%2B6wKs6mYyI%2FAxGou9WjTiW1V3eUJrgab1VenTlFr1QJtRwdVEg6ML8ZX28PBgB%2BNUzJk7iPOf4eYeYF7J3TpNSV8mlZnq5ofnE7MHsM%2FTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8194ff80283e4db6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2ioYmuK5vzPZAFGq2ebG8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 31BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

43 B
841 B

50ms
48ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNUNqpHQ2ZDKWYRqi86ub0c9V5qafVinv8XRUxKa5-14VgV1mbUW_KA0_3rRBY3qMZPZL7XnMr_lckD_XFYL0QHqUAkOb3bwXv2D9teJGAOGofOyqw-WED0C3rxRu1oRphyOep1fi4N_qc0ZLMesdcOzYDgJWDXQrrmHEbJXre1NIzQyzO4

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: f6809117-b6ac-4d5b-b45b-2f4dce80fedb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG0_fT3d74cJBHb8D2_fUkQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 31BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

170 B
243 B

61ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
an-x-request-uuid: 5e93710e-fed6-47e7-9029-728835048689
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODgxOTUyMzU2Njk3MTI3NjA0MQ%3D%3D
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 49C7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08178dec32780008ceff46cadfc784e17fc7d07570a9f5e7c4f334aa29e66570

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EF97 22 KB
8 KB 25ms
24ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 00:02:35 GMT
expires: Sat, 19 Oct 2024 00:02:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B2 0
56 B 64ms
63ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1014988785280&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B2 0
56 B 63ms
60ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1014988785280&version=m202309260101&ct=77&x=1&cor=291390578648600770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5B2 16 KB
12 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C29erh7GBiJ2T6-STf3vLvGXrP7j5eTJMwyPglnDZiB0Use3_P3e2e0DKxO7kSA7iqzqnh0qa0fuUGd1z0ss4mG6Zy7n1UNItfobzMejp4WyL5UlHsH7ONKcV17-QXTz4mzwvE-YjYy3q6bdu_Mc3S9hhHifjMLhDBc5ss91viPpk38cA&cry=1&dbm_d=AKAmf-CrYVTJvWHMuRr7RRBZSSUwGpmPEY2SC2jGzXI2L7k_TRuktFcSTpDy9r2u8lkm2HX_kM2HYaqFseiwmrC8lUEk-8ftxNAqmKFJE6RGlqraQZmSg28BWNLgykIU0USdx3KFfkHiLW8KfuMlzZaAqgvLZYawevPaWmkJlGDSRwH5WVesz18tGDCoBJ1xZ03EJbQ0P8e77OpqF70LG8KQxFuccuQ-KRsJpdPuJQfnr3bkzEEvRI-y893QTcmCZ0RwIe_izS86dUdm53BogqGLJ3HG_XNKZHUGQJkeQR4k3rHdD0d-0Vgq3xe59cMp0_J6OgV4rXnmxppvsPbsvKNJCT-kRMJbMX4fFnD339jUgq1AO7UJ_MSGdZO8zcv31O1Q3F4h5eJpN2uOuKEs8RILB3YPqYX4R4ZvHMTZNscUDISpU7sI3s9gucXIgJNENC-CsxOGycG-tPA26okzzGr6ODOw_sW0aZc0yFWoLv6tXVj2nW3yE-1Z9kk6LMmEGovGfS_vmWHdPQFtEcEXUHZhy6bdvFIB5zYYb5K2QRnjYTSkd73x5SjQLUOUpqi9FOh5XyQj3ACiffPHC5h0fMfiZtk-WCePdldooYjXwaTyAeq30TnzJ74j6rO-Cc5yVkNNOstCkkuumxSJ_MMUIt06BY6NimxhAi943WoRMe2gtIUTF21eMhj9l2Vna5He_wwVIrZRysF89slzD6pQh9TJueWEwT4Kwp23p3iDFgPbi1k8VBZk45QnqHV4oepZ6KJtJnGI2rEDUxR5Z_q1UbQiWSdai4bIb5WtXUCgV08AA8nrihSSUZh0XdhGLIei2YQoEiaaGpSy-yOojFz7keaMdiftAsJx6P5rGhWVupbhlEh83Hw0B0TJ8qN2474e_7ExNBhRMTdn_aszkbNDUe4_txwQhull6V3Qrv3cP-1ZmaPsQUtpP5PUFsv-ZzdFaAdyMcztXycwygG6f_5ym_7vbMRVyxlIVNYv9x2sgP7eZ22iYy8c7eb_qJlTdtP7xy2n7m8X2wxx8m22Y3WcGDGcsEEh3BfXvOpBnTlCxEIUoMSMjy3KCLDSGE4egkvnI9FfeqgGvlDsIVymGCd9mrF-YcdeM2rPhodaZ29MivHg4hE9diadageYgh-wWjtrVDhXqTVfdxaYCaOQV23Qvxo0ste0dJOIh28qrZsK9tmtQ_UNDEd008eYXLI442459JU_uN9ecUDx-05i453RONF_E3v16HptbvSxmTjSabZceg7szIlQfJgvGdCrEQ0Q1ltyCBQ1dSvoQ-JEkSTeiWFbJo_mYB9i3dK4D-1CcCH1SRzaE9mJQgNcyKU7ipDX9TPvXm5C8AbGoGHXhXhQvdclRkMtLl7X737JO2VaB5ddDQmJoDSIt8dzfiCwMwZx35jTJqNw-AeWsvK2Irc_JaiO3Kc2ThQjPJcWHy---MHSZAH0Vcz3FJYiemLPV9_IU3_c3sWqRA6ZpN_fHMejls6an0rtePyQ4TYbPIgd3jTyy1PKrZLDBPHo9M42TB7qilqcAJ0k7crUQ4NkodHjjEy5w-YV_BRlS-CCVoogC8gCencBlMoxHO82UkfNXUbrTpH8xiolDmx5eCqLhLGQYJibs6hgcZRzWBm88XJ16HmGSuPNUpT8Yu4zttfLJZ0o3yd47Kk8KPLGx7MFvdKTXGY0atTytgiqpWHuxnkFpf0DuiYvymDePZ-zOAcChw_9Ej8CIXuvxYkrCdZBO9neDKRQPaLzP48dCHTwhp8rbcaEWaekVoi2OYM6GxaiGq21xlIRmwJ8a2Le-IwTfIoyh_81YtW6t6zBpslmbHRRPWAQC-s8XKnYAjt7L-JrUW4rqc8p8EbERxJeaNd0LH_aOxtmXGl01zvPjgNISz7Ou7L4NVxFtRtQEkhSYq9RhIN8U46ZrJ4o_7hWbiQT7owTcaDmUh1tJKsXDQxNvG1gKaIno2eP0mwKpz5eqAtOgDwmq6rrSWAxQpP3TXiT2I-r7FYyfMUe8KNEArNtrFP75xG-UmUhGsLA-y_6aN1X5lnHiyq5ZlSUZBwuLdQ-5-xb6fN0rRb5fHoyh13W2g1zX2e0OB8SufQvO0ye_R_dw6ci8YUp_26V-0Ju92o-i_gPliuWVcifki3Ue0miyxAjAkjRthw5L0PDEWZd_GIv2Wa2aHW-UMJ8XZW3jvdj9a4KqOVNl6MoDGlo6On2P1rQftA8zIbxvcYGBaq73ZFbBF3DTPTb-y8RTSoENDm3BnQDEKbwR_s-Djl84LuzxTFiIypdK1bupEsTpKDhTGi6KU9Tc2zE7Vff58INnDW2LRFm6knvzMXuW4CvaB29lrEkYx5TusZtYcNeuiafgbbiKRMZ2qFZbChXFgOjJiIUYJfUkad7FIqF1nEGoNCRAz85pD_nR30-PmhS9gka3Yqk0klOv8I-ihlwoY3TgHPlXHdjrPyuXLCd3udNzfqB-8AzVkIx2xqC4G8Uec6KihGnUPknKVKv8B7qJ_2XnugxiA1AdlukLAyQBr_fbvxTRE-wUoPeiaLsDDCq_cHyEg5pp0ISrKMhbt0tPrxrklMKm0mHMFsro-Ai7qiba-2UfX4p_w8XKfss1bAY82hSn_Ep-lLmm7IFLUbePaEgoTfofUslwhMlFuFTGgm3_bm_B5nVbscgEAUx0qhAjTuZoMYgNZY1iNrQDB2a8B5ymo8R7zFkUbt4MEDBNOAqifh9k1XWp0HXtBq9HMR_QuElHZ53Zg-EvrkGzn-gvwqD_RvrrGAHuyWm3HaI9seWjq64SGu-R5ZBl3I7xaekKWyd4hUdz31xvXEF-iXpK3zyMfkJmytYb2xTGmaZzXVxzNsjZcqaitsrs6ZE1-Ht3L-P28TOyAr9JB44fQSMTqthdjrzKqd7Zfab_F6KjSGQ-iCqtqfHbKa0BlXhE7ceT_staktSLNFnq375ywtg74Qc90IF6XVDznyIoXOeZTjDLDnoumbN8EKaogmjbQJe-NwZJk_UKVj6w4nvRkrNXdsZhS6AaZoTvWlYAcU1zcboQp4Qofz_o4_KV6eaS2HXAvyMscEJouEjqpGRRCybNGAWZgOsNnlzDXeSNS04QDWDioRRr1MQ6V1QF6VbGAMXEcMqjvSPjsDiupf7YBLvzcacDRi-N0iwD-b4tCPzD9ezRrPgf76OCkyX39RrJRBALCyWzcKcjwJeJB_w9wT5uSxxF68Rz48y1TtYw58D3nPDIiXL3g_yoUqXh1-Ja032tSz8WmFrn1u8HJdkN69c_fx50cZvIhzqeV0rDbA0GdwgJdazEs32d7ZE9vWLOH6c_FXj7lvXJ4rH-KuI5DpDXN8vO3Po8gERuJRoCTkdvZexg5hA2of2C6qvrDozeZDbLVI43rEGQPCZx4D2c9ppnlkMTjtS6abbxLtweT7pVsRtYDMX8PY1v4ke5Jh8DGEKvpaeR9ubtfdC-MSLmLlJ6gczK6a13womilI9nGs_42jDWQiVt5oW5RDcc3blAbJUoFznk2KaXiNhEb5nyKAWf9Gj6xzmT1OhoWYQrP_c7y7cVew0xPoFi4s8cKxvYFJgrptHuDeHZMBGPHprZeN2VVH67sK1dLNMwqh5U6EpbRNWzZCo5UPY0OGiCC9E-lXw6zYQ9vB1HnNsKXahvR_lyan7eJXjs-cxdP6k19nA-tVbjTs2hARZe2tOLe0rJ7wnuId8by8WJEjz6q59wRLAC3YJ3pWSjMowWmZcKg8QZ68wLwFQZA4UnxNTaoNTLkd_QG0Am7CbPEC1jQNeJatNxbHWbuPvh2u-4NwPnU5g4hAXKFmIUriexCp5E7XD_f1jPX0fAXguSxFX2qDwhW71peKuYKWmv1ROTok2d0EuO4vU6xxBpvoouCkBx1dmbmfOywVngb3kSaOIrQ5yEmUyIJ1B6YVF6doHle3LTguI-5mA400BZY6QMUlPfni2xrOmyoc09eSBVZUNpzG2ewkhMg9zccaxX7ifG-r6e0yLRS4J-DmSc7Wd4M97Y9i8coBRQs9jT44BHrO3axHcQm0yZfDj41T5kDIvd59bghOA53CAQwqTx22G0wZUpHF9sxNCnP0sVa4mJGsk3UBm2eRB8ubKzHMBY_xg7YqqPPYhh_RZv1r3kXlIwasoVjhBuAkJZTn1nfZ0Depwt6mz_Va57q0Kt3KsavDX-pQT-oKb3bFcgcirIt65r9Ysg7e93oNtsIONUUCO5CqbQRhK6BoRhwSWPYqYeZXsN0DR5T3wQmyStxdlSI6OYvXCCdxympaedL3y9pKphHoWU8lIUNFjdYT3qErcfJeg9Mjctcc-L0AFwSMsQKcCO6nRoI0Lt615nRZsadxOVeQOOQZBcIFczPfP_slPnUH5E7EhdLMB0qTgJw&cid=CAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ds=l&xdt=1&iif=1&cor=291390578648600770&adk=2086295851&idt=91&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef298acaf2b380e09625c3bae9c59200a838fc3d75a144a422b271e2c48bef36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/685625985474656849/ Frame 6BD0 28 KB
5 KB 86ms
30ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83580e8f0861084db39e70791515e4df9870cfa209281a8ae9349480c5e0a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 355165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5445
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 20:42:10 GMT
expires: Tue, 15 Oct 2024 20:42:10 GMT
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 49C7 0
0 190ms
89ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNDAPRGQcO1pD6W5ZApSHGCnIZDeIofZi8OPf6IHyqSxeC1bT-ZrjH1ae6K6sye8pqM_A0ZyE_cA9E5-EwbaP4-F_S6ZvTYngVTgd-qF2g6Xf_AjJ0_7Im0R1ot2MLe7Nsohl7fTn6FgvhR2syabhjCNkCP7kLagmtkqjR0Qwe7HrtkaGi5ycd_If96OLf3BNmcBkxNkUO6gaM3kraVeiJiwMOTM3qMGU_EzZYuvQjnk-HmRhLoxZW4vghQzweov3twcn6EzuKhuNDMW9uN-YctV346kk9tWe8OXqWJ6cn6cdSOj_B4F4q3_dUPMyPVAPlYKq6vcujF4owDBDWZLrUEw3YlTDw7R13gM7t2i8o_RbQf2TqSFZpg6GbSoyO_mb8DPrgvxiRxCwQAEMtmUCyavWoDgO3o_4o50mYmu8FkhqsqPhE7f2ihICYYbzT0VAJtXC4lb0aYUzt1w8uok_KT0rA6Pa6p5SsN07Bo3pukwPXJRH0-HnHSZO1EyCcZKjJV0dVxRkgUd6OvU2x4UMZu_LeuUUxCOzyvLY50S31FANxJOZVGQNhKivJcFnHhth-jNFqfTMMnbzCHUtQG9-vll7Bpo0g49aCWDAugTRWyCGB8AWRIS8zxLo2jH-OL2Wq0rygykqRJp0cw2o4BXK186YIkXbP_ywLsNhuKoswhShLWapSXqRq4mNfqPOpO10nvXSflqJERZDxV_JL69DoQIJ-vdTUtyPB_k9jjH9STBjKbfWTK30RBiSogsaBszobRrS9xphqUmzG0WZzDlsBIBVsc3cYciDKpZF7_oWGsQ5EtmXcFt2vDZJbWN8kgYsl6hkixJqYEmv0a0ghpdo7j13SHbmEK0YeAGA30EEOD21SxwVfIb7rqtcFgWmKlscfZkfMV7rVoJYgb_ZsAoMx1LfU2k7wYtPpni54AEnWxOBFXDaF_v2A8RACcOXGlgGtMMmZamiN34luwYtt8nsK2FX9RYRhNySmZsKi6RvFxKPltIrkcFIrMZBZ_TGZSY0GpGfZpjVtpi3-KN-BFfkTb5d6Fk6-mcXOPlQx8xA_xp2GViOureGSdH307CETV3AmR1JAuS2F9e2XjN4VBzVaQk1ELEUeSdB5xetVA5NJqjjaQQAK5T4lugSDWQ4CShkHCttElENWH_zhuxl5Khu8tauL3MD_QlIWFpBk59pQlKGyUQ4wsveR9Wl-sIt-OWgO87BTgJUQVk8DeIp_bnrxVqyTjUq9IkEKhcHXPv6lOqvchQVtXnFuXxucssjk9BkS-6wIKeIOPfNckGOeZ71_o1rwUFn78Zrx-PmRZM1dTC41HwGfnZBWPpF_4jiWjleMLL65uyp-yYAIEOQfYlLcGjQAtVsS_Nhf7vrVbs-xvyam0tK0WEIc1qZerri5YW1YaGPaCB7F2b0yV7hUYnfYjZHnIOzRr6qARD7xkMvWOYuqFaD7i9poubW1BdBvG0_fNPLoIIGa2jGY6DtMYSjjva7h0AqrKDYcGpaBSJ3gR2CN8UoMyHV9LQ&sai=AMfl-YRmVnNsOIyuorvFzUJ_qnVqz8nXIvZyVyW77zd2qVbUX3Q9cGb6Brdh_61uBU-4WdasQYGyuW_IL53DSERDvHjOzBFJgdzBRX2pVOZzFysceFrwfkHDBLw0pXTRWq0hYl2XxJAaCccsoBTmaNv1dMurOurAtHkcZ11d4--DnMs_c5xiGF3qyF6F0vRz2_jAUi_w6TsuAjcfQOBeW7T21uNiH1qrS3wq7xonNSPTSTZjL0mbwNhzPJ8CbW8a_T3cXr3PnURtJwv36KH0TIwEkJedsdr3jlmnfaRMlHtKWB3G1Q_PxLWimqdO1nWstCoALJkIgdb6gqvWaouQ4i399gGxslMAuYjEqLNBEyzGsNu9qSrAe-FxEejjfLUyNPb29n-6WVMOsQy2DQojnHNIo06o9MIfm6x3MdGbEIU2vE4ioZrabAs8zdbbWvPgl2Nhmav9gq77zwQVTVL_UmMDddCIQ-P6Y6WEXpU2TWRM5_Isy_Y&sig=Cg0ArKJSzHiohvS7_gxdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=178&cbvp=1&cstd=174&cisv=r20231017.43225&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 23:21:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 0717242f3acd4935e3ae22056ad67479.js Show response
s0.2mdn.net/sadbundle/685625985474656849/ Frame 6BD0 132 KB
37 KB 34ms
34ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/0717242f3acd4935e3ae22056ad67479.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a9baaa810bce026c3eebe92d3e06dd30ce107f8acbd02edc127433f03f619d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 02:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38353
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 02:18:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D5B2 41 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C29erh7GBiJ2T6-STf3vLvGXrP7j5eTJMwyPglnDZiB0Use3_P3e2e0DKxO7kSA7iqzqnh0qa0fuUGd1z0ss4mG6Zy7n1UNItfobzMejp4WyL5UlHsH7ONKcV17-QXTz4mzwvE-YjYy3q6bdu_Mc3S9hhHifjMLhDBc5ss91viPpk38cA&cry=1&dbm_d=AKAmf-CrYVTJvWHMuRr7RRBZSSUwGpmPEY2SC2jGzXI2L7k_TRuktFcSTpDy9r2u8lkm2HX_kM2HYaqFseiwmrC8lUEk-8ftxNAqmKFJE6RGlqraQZmSg28BWNLgykIU0USdx3KFfkHiLW8KfuMlzZaAqgvLZYawevPaWmkJlGDSRwH5WVesz18tGDCoBJ1xZ03EJbQ0P8e77OpqF70LG8KQxFuccuQ-KRsJpdPuJQfnr3bkzEEvRI-y893QTcmCZ0RwIe_izS86dUdm53BogqGLJ3HG_XNKZHUGQJkeQR4k3rHdD0d-0Vgq3xe59cMp0_J6OgV4rXnmxppvsPbsvKNJCT-kRMJbMX4fFnD339jUgq1AO7UJ_MSGdZO8zcv31O1Q3F4h5eJpN2uOuKEs8RILB3YPqYX4R4ZvHMTZNscUDISpU7sI3s9gucXIgJNENC-CsxOGycG-tPA26okzzGr6ODOw_sW0aZc0yFWoLv6tXVj2nW3yE-1Z9kk6LMmEGovGfS_vmWHdPQFtEcEXUHZhy6bdvFIB5zYYb5K2QRnjYTSkd73x5SjQLUOUpqi9FOh5XyQj3ACiffPHC5h0fMfiZtk-WCePdldooYjXwaTyAeq30TnzJ74j6rO-Cc5yVkNNOstCkkuumxSJ_MMUIt06BY6NimxhAi943WoRMe2gtIUTF21eMhj9l2Vna5He_wwVIrZRysF89slzD6pQh9TJueWEwT4Kwp23p3iDFgPbi1k8VBZk45QnqHV4oepZ6KJtJnGI2rEDUxR5Z_q1UbQiWSdai4bIb5WtXUCgV08AA8nrihSSUZh0XdhGLIei2YQoEiaaGpSy-yOojFz7keaMdiftAsJx6P5rGhWVupbhlEh83Hw0B0TJ8qN2474e_7ExNBhRMTdn_aszkbNDUe4_txwQhull6V3Qrv3cP-1ZmaPsQUtpP5PUFsv-ZzdFaAdyMcztXycwygG6f_5ym_7vbMRVyxlIVNYv9x2sgP7eZ22iYy8c7eb_qJlTdtP7xy2n7m8X2wxx8m22Y3WcGDGcsEEh3BfXvOpBnTlCxEIUoMSMjy3KCLDSGE4egkvnI9FfeqgGvlDsIVymGCd9mrF-YcdeM2rPhodaZ29MivHg4hE9diadageYgh-wWjtrVDhXqTVfdxaYCaOQV23Qvxo0ste0dJOIh28qrZsK9tmtQ_UNDEd008eYXLI442459JU_uN9ecUDx-05i453RONF_E3v16HptbvSxmTjSabZceg7szIlQfJgvGdCrEQ0Q1ltyCBQ1dSvoQ-JEkSTeiWFbJo_mYB9i3dK4D-1CcCH1SRzaE9mJQgNcyKU7ipDX9TPvXm5C8AbGoGHXhXhQvdclRkMtLl7X737JO2VaB5ddDQmJoDSIt8dzfiCwMwZx35jTJqNw-AeWsvK2Irc_JaiO3Kc2ThQjPJcWHy---MHSZAH0Vcz3FJYiemLPV9_IU3_c3sWqRA6ZpN_fHMejls6an0rtePyQ4TYbPIgd3jTyy1PKrZLDBPHo9M42TB7qilqcAJ0k7crUQ4NkodHjjEy5w-YV_BRlS-CCVoogC8gCencBlMoxHO82UkfNXUbrTpH8xiolDmx5eCqLhLGQYJibs6hgcZRzWBm88XJ16HmGSuPNUpT8Yu4zttfLJZ0o3yd47Kk8KPLGx7MFvdKTXGY0atTytgiqpWHuxnkFpf0DuiYvymDePZ-zOAcChw_9Ej8CIXuvxYkrCdZBO9neDKRQPaLzP48dCHTwhp8rbcaEWaekVoi2OYM6GxaiGq21xlIRmwJ8a2Le-IwTfIoyh_81YtW6t6zBpslmbHRRPWAQC-s8XKnYAjt7L-JrUW4rqc8p8EbERxJeaNd0LH_aOxtmXGl01zvPjgNISz7Ou7L4NVxFtRtQEkhSYq9RhIN8U46ZrJ4o_7hWbiQT7owTcaDmUh1tJKsXDQxNvG1gKaIno2eP0mwKpz5eqAtOgDwmq6rrSWAxQpP3TXiT2I-r7FYyfMUe8KNEArNtrFP75xG-UmUhGsLA-y_6aN1X5lnHiyq5ZlSUZBwuLdQ-5-xb6fN0rRb5fHoyh13W2g1zX2e0OB8SufQvO0ye_R_dw6ci8YUp_26V-0Ju92o-i_gPliuWVcifki3Ue0miyxAjAkjRthw5L0PDEWZd_GIv2Wa2aHW-UMJ8XZW3jvdj9a4KqOVNl6MoDGlo6On2P1rQftA8zIbxvcYGBaq73ZFbBF3DTPTb-y8RTSoENDm3BnQDEKbwR_s-Djl84LuzxTFiIypdK1bupEsTpKDhTGi6KU9Tc2zE7Vff58INnDW2LRFm6knvzMXuW4CvaB29lrEkYx5TusZtYcNeuiafgbbiKRMZ2qFZbChXFgOjJiIUYJfUkad7FIqF1nEGoNCRAz85pD_nR30-PmhS9gka3Yqk0klOv8I-ihlwoY3TgHPlXHdjrPyuXLCd3udNzfqB-8AzVkIx2xqC4G8Uec6KihGnUPknKVKv8B7qJ_2XnugxiA1AdlukLAyQBr_fbvxTRE-wUoPeiaLsDDCq_cHyEg5pp0ISrKMhbt0tPrxrklMKm0mHMFsro-Ai7qiba-2UfX4p_w8XKfss1bAY82hSn_Ep-lLmm7IFLUbePaEgoTfofUslwhMlFuFTGgm3_bm_B5nVbscgEAUx0qhAjTuZoMYgNZY1iNrQDB2a8B5ymo8R7zFkUbt4MEDBNOAqifh9k1XWp0HXtBq9HMR_QuElHZ53Zg-EvrkGzn-gvwqD_RvrrGAHuyWm3HaI9seWjq64SGu-R5ZBl3I7xaekKWyd4hUdz31xvXEF-iXpK3zyMfkJmytYb2xTGmaZzXVxzNsjZcqaitsrs6ZE1-Ht3L-P28TOyAr9JB44fQSMTqthdjrzKqd7Zfab_F6KjSGQ-iCqtqfHbKa0BlXhE7ceT_staktSLNFnq375ywtg74Qc90IF6XVDznyIoXOeZTjDLDnoumbN8EKaogmjbQJe-NwZJk_UKVj6w4nvRkrNXdsZhS6AaZoTvWlYAcU1zcboQp4Qofz_o4_KV6eaS2HXAvyMscEJouEjqpGRRCybNGAWZgOsNnlzDXeSNS04QDWDioRRr1MQ6V1QF6VbGAMXEcMqjvSPjsDiupf7YBLvzcacDRi-N0iwD-b4tCPzD9ezRrPgf76OCkyX39RrJRBALCyWzcKcjwJeJB_w9wT5uSxxF68Rz48y1TtYw58D3nPDIiXL3g_yoUqXh1-Ja032tSz8WmFrn1u8HJdkN69c_fx50cZvIhzqeV0rDbA0GdwgJdazEs32d7ZE9vWLOH6c_FXj7lvXJ4rH-KuI5DpDXN8vO3Po8gERuJRoCTkdvZexg5hA2of2C6qvrDozeZDbLVI43rEGQPCZx4D2c9ppnlkMTjtS6abbxLtweT7pVsRtYDMX8PY1v4ke5Jh8DGEKvpaeR9ubtfdC-MSLmLlJ6gczK6a13womilI9nGs_42jDWQiVt5oW5RDcc3blAbJUoFznk2KaXiNhEb5nyKAWf9Gj6xzmT1OhoWYQrP_c7y7cVew0xPoFi4s8cKxvYFJgrptHuDeHZMBGPHprZeN2VVH67sK1dLNMwqh5U6EpbRNWzZCo5UPY0OGiCC9E-lXw6zYQ9vB1HnNsKXahvR_lyan7eJXjs-cxdP6k19nA-tVbjTs2hARZe2tOLe0rJ7wnuId8by8WJEjz6q59wRLAC3YJ3pWSjMowWmZcKg8QZ68wLwFQZA4UnxNTaoNTLkd_QG0Am7CbPEC1jQNeJatNxbHWbuPvh2u-4NwPnU5g4hAXKFmIUriexCp5E7XD_f1jPX0fAXguSxFX2qDwhW71peKuYKWmv1ROTok2d0EuO4vU6xxBpvoouCkBx1dmbmfOywVngb3kSaOIrQ5yEmUyIJ1B6YVF6doHle3LTguI-5mA400BZY6QMUlPfni2xrOmyoc09eSBVZUNpzG2ewkhMg9zccaxX7ifG-r6e0yLRS4J-DmSc7Wd4M97Y9i8coBRQs9jT44BHrO3axHcQm0yZfDj41T5kDIvd59bghOA53CAQwqTx22G0wZUpHF9sxNCnP0sVa4mJGsk3UBm2eRB8ubKzHMBY_xg7YqqPPYhh_RZv1r3kXlIwasoVjhBuAkJZTn1nfZ0Depwt6mz_Va57q0Kt3KsavDX-pQT-oKb3bFcgcirIt65r9Ysg7e93oNtsIONUUCO5CqbQRhK6BoRhwSWPYqYeZXsN0DR5T3wQmyStxdlSI6OYvXCCdxympaedL3y9pKphHoWU8lIUNFjdYT3qErcfJeg9Mjctcc-L0AFwSMsQKcCO6nRoI0Lt615nRZsadxOVeQOOQZBcIFczPfP_slPnUH5E7EhdLMB0qTgJw&cid=CAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ds=l&xdt=1&iif=1&cor=291390578648600770&adk=2086295851&idt=91&cac=0&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:02:43 GMT

GET
H3 200 haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js Show response
pagead2.googlesyndication.com/bg/ Frame EF97 37 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a18f3ffd02241732a080bbec99aa38434062f48195e841ab52b6150ee53bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 03:15:22 GMT

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame D5B2 12 KB
4 KB 161ms
51ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1697844095404487&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D
Requested by: Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9c450f299585c47abe1acfd7a1d6ceddd1614b6670005a5bf45aae1135b3661e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4338
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310061803000/ Frame 4190 196 KB
55 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 195283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "6471d1057e0de0bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 4190 15 KB
5 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 195283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5216
x-xss-protection: 0
server: sffe
etag: "c5e6042816070d0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 4190 95 KB
28 KB 73ms
67ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 195283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29020
x-xss-protection: 0
server: sffe
etag: "9aef0fcfd5306f20"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 4190 5 KB
2 KB 72ms
65ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 195283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: sffe
etag: "d9a3fbf21fc2b678"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 4190 40 KB
13 KB 80ms
74ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 195283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "16aa7f89b2c84c04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
DATA 200
OK truncated
/ Frame 4190 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 202b69df205eb7c43dc61c090c6399f7cc300335f362d90744593d98a1e3498a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16741971402763865138
tpc.googlesyndication.com/simgad/ Frame 4190 27 KB
28 KB 40ms
33ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16741971402763865138?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmxKzFracS7NLY9y8hwi83TLXNyxg

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7bb958205aa3e2395e8ef5443b24f95d27884dbd0603dd6faaf4970e6b4201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 14:45:44 GMT
x-content-type-options: nosniff
age: 376551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28143
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 14:32:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Oct 2024 14:45:44 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4190 3 KB
3 KB 39ms
32ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 20:41:20 GMT
x-content-type-options: nosniff
server: cafe
age: 9615
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sat, 21 Oct 2023 20:41:20 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4190 344 B
368 B 37ms
30ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 58994
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 21 Oct 2023 06:58:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 229B 22 KB
8 KB 35ms
34ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 00:02:35 GMT
expires: Sat, 19 Oct 2024 00:02:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 1 KB
642 B 40ms
34ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 08:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 08:10:43 GMT

GET
H3 200 d1df1f2fba322c8cbdd32b9e0f7bc627.png
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 10 KB
10 KB 44ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/d1df1f2fba322c8cbdd32b9e0f7bc627.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 15:10:28 GMT
x-content-type-options: nosniff
age: 115868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10127
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 15:10:28 GMT

GET
H3 200 901066d6a068abae473621f270bd1026.jpg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 5 KB
5 KB 44ms
38ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/901066d6a068abae473621f270bd1026.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:55:07 GMT
x-content-type-options: nosniff
age: 123989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5142
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 12:55:07 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 5 KB
3 KB 46ms
40ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Oct 2024 22:01:17 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/685625985474656849/fonts/ Frame 6BD0 173 KB
80 KB 38ms
37ms Font
font/ttf 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 02:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 02:53:13 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4190
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

34ms
34ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H3
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 49C7 0
0 80ms
79ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNDAPRGQcO1pD6W5ZApSHGCnIZDeIofZi8OPf6IHyqSxeC1bT-ZrjH1ae6K6sye8pqM_A0ZyE_cA9E5-EwbaP4-F_S6ZvTYngVTgd-qF2g6Xf_AjJ0_7Im0R1ot2MLe7Nsohl7fTn6FgvhR2syabhjCNkCP7kLagmtkqjR0Qwe7HrtkaGi5ycd_If96OLf3BNmcBkxNkUO6gaM3kraVeiJiwMOTM3qMGU_EzZYuvQjnk-HmRhLoxZW4vghQzweov3twcn6EzuKhuNDMW9uN-YctV346kk9tWe8OXqWJ6cn6cdSOj_B4F4q3_dUPMyPVAPlYKq6vcujF4owDBDWZLrUEw3YlTDw7R13gM7t2i8o_RbQf2TqSFZpg6GbSoyO_mb8DPrgvxiRxCwQAEMtmUCyavWoDgO3o_4o50mYmu8FkhqsqPhE7f2ihICYYbzT0VAJtXC4lb0aYUzt1w8uok_KT0rA6Pa6p5SsN07Bo3pukwPXJRH0-HnHSZO1EyCcZKjJV0dVxRkgUd6OvU2x4UMZu_LeuUUxCOzyvLY50S31FANxJOZVGQNhKivJcFnHhth-jNFqfTMMnbzCHUtQG9-vll7Bpo0g49aCWDAugTRWyCGB8AWRIS8zxLo2jH-OL2Wq0rygykqRJp0cw2o4BXK186YIkXbP_ywLsNhuKoswhShLWapSXqRq4mNfqPOpO10nvXSflqJERZDxV_JL69DoQIJ-vdTUtyPB_k9jjH9STBjKbfWTK30RBiSogsaBszobRrS9xphqUmzG0WZzDlsBIBVsc3cYciDKpZF7_oWGsQ5EtmXcFt2vDZJbWN8kgYsl6hkixJqYEmv0a0ghpdo7j13SHbmEK0YeAGA30EEOD21SxwVfIb7rqtcFgWmKlscfZkfMV7rVoJYgb_ZsAoMx1LfU2k7wYtPpni54AEnWxOBFXDaF_v2A8RACcOXGlgGtMMmZamiN34luwYtt8nsK2FX9RYRhNySmZsKi6RvFxKPltIrkcFIrMZBZ_TGZSY0GpGfZpjVtpi3-KN-BFfkTb5d6Fk6-mcXOPlQx8xA_xp2GViOureGSdH307CETV3AmR1JAuS2F9e2XjN4VBzVaQk1ELEUeSdB5xetVA5NJqjjaQQAK5T4lugSDWQ4CShkHCttElENWH_zhuxl5Khu8tauL3MD_QlIWFpBk59pQlKGyUQ4wsveR9Wl-sIt-OWgO87BTgJUQVk8DeIp_bnrxVqyTjUq9IkEKhcHXPv6lOqvchQVtXnFuXxucssjk9BkS-6wIKeIOPfNckGOeZ71_o1rwUFn78Zrx-PmRZM1dTC41HwGfnZBWPpF_4jiWjleMLL65uyp-yYAIEOQfYlLcGjQAtVsS_Nhf7vrVbs-xvyam0tK0WEIc1qZerri5YW1YaGPaCB7F2b0yV7hUYnfYjZHnIOzRr6qARD7xkMvWOYuqFaD7i9poubW1BdBvG0_fNPLoIIGa2jGY6DtMYSjjva7h0AqrKDYcGpaBSJ3gR2CN8UoMyHV9LQ&sai=AMfl-YRmVnNsOIyuorvFzUJ_qnVqz8nXIvZyVyW77zd2qVbUX3Q9cGb6Brdh_61uBU-4WdasQYGyuW_IL53DSERDvHjOzBFJgdzBRX2pVOZzFysceFrwfkHDBLw0pXTRWq0hYl2XxJAaCccsoBTmaNv1dMurOurAtHkcZ11d4--DnMs_c5xiGF3qyF6F0vRz2_jAUi_w6TsuAjcfQOBeW7T21uNiH1qrS3wq7xonNSPTSTZjL0mbwNhzPJ8CbW8a_T3cXr3PnURtJwv36KH0TIwEkJedsdr3jlmnfaRMlHtKWB3G1Q_PxLWimqdO1nWstCoALJkIgdb6gqvWaouQ4i399gGxslMAuYjEqLNBEyzGsNu9qSrAe-FxEejjfLUyNPb29n-6WVMOsQy2DQojnHNIo06o9MIfm6x3MdGbEIU2vE4ioZrabAs8zdbbWvPgl2Nhmav9gq77zwQVTVL_UmMDddCIQ-P6Y6WEXpU2TWRM5_Isy_Y&sig=Cg0ArKJSzHiohvS7_gxdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=486&vt=11&dtpt=308&dett=3&cstd=174&cisv=r20231017.43225&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 1 KB
642 B 27ms
25ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/0717242f3acd4935e3ae22056ad67479.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 08:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 08:10:43 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 5 KB
3 KB 31ms
28ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/0717242f3acd4935e3ae22056ad67479.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Oct 2024 22:01:17 GMT

GET
H3 200 94b8e4ecff73b8a16c70e2331be84df9.png
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 4 KB
4 KB 37ms
36ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/94b8e4ecff73b8a16c70e2331be84df9.png

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 05:07:17 GMT
x-content-type-options: nosniff
age: 152059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3688
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 05:07:17 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 422 B
837 B 44ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=15&alt_size_ids=16%2C43%2C48%2C117%2C159&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=160fac11ce549bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18081858143806628
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 945781cb81e583f87424ba0f9e947942b36c1b70ec5ca0cdbf133d7ab0f60ed4

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 422
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
59 B 58ms
53ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff811ed4bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 41ms
38ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 17bdb886-ec58-4cd4-9cb1-5deda662ae0a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 148ms
145ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 120ms
118ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 108ms
107ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 5e0bfed0-68a5-4bbe-87b9-44a7d776ca7a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 32ms
31ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js Show response
pagead2.googlesyndication.com/bg/ Frame 229B 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a18f3ffd02241732a080bbec99aa38434062f48195e841ab52b6150ee53bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 03:15:22 GMT

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame D5B2
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

5 KB
2 KB

158ms
96ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9a827819f3bcf60c50acfc3f10a8fd45bd029dd9c6d1ed876ee18b414f78e281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 16421100004313004444990012484011
Connection: close
Content-Length: 1411
Expires: Sat, 21 Oct 2023 00:21:36 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 21 Oct 2023 00:21:36 +0200

GET
H3 200 d1df1f2fba322c8cbdd32b9e0f7bc627.png
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 10 KB
10 KB 26ms
25ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/d1df1f2fba322c8cbdd32b9e0f7bc627.png

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 15:10:28 GMT
x-content-type-options: nosniff
age: 115868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10127
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 15:10:28 GMT

GET
H3 200 901066d6a068abae473621f270bd1026.jpg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 5 KB
5 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/901066d6a068abae473621f270bd1026.jpg

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:55:07 GMT
x-content-type-options: nosniff
age: 123989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5142
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 12:55:07 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 125ms
117ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
824 B 47ms
42ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=2&alt_size_ids=1&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=320abc4d4a7346b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31195102225968685
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f5568566ea8d42fda194dcbeeca3422ed1fc55691e1d34667536016c41fa2019

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 38ms
31ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 59ms
52ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff818f2ebb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 45ms
39ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 1adb8a42-e8fb-49fa-b9a4-ccdd947f99ac
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
584 B 196ms
115ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 49ms
45ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 7b0d37b7-260b-4f70-98bd-cdd7fa4f634b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4190 0
0 79ms
71ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKCc1fwszZebmIZCegAe2x77gAbunxrtuzdHqsPARZBABIN6htU5glQKgAebKgJ0oyAECqQLQj0BKPMaxPuACAKgDAcgDCKoE4wJP0Ee6c_NcnOk39iNLs0JmPjFcASwRmnmOni6BhexZVbpEJu-Zc9ydhx2mnA3lzSEyitI507GNO3kOfLpj6j9mMYwOY1p8yeNw-k9nsTWh6IZJi4DeauIl8amCu8VcFvH_TFqMRs_yNgN5cyZhyloybgjnp1bNZx2rJFYiXhG7zUDQmj056xqWCddGNqel8950zEr3AvWKrZGWrc_pmfZARRyE-WfWq_vyV_zDXAGfKCOlwqkjCYTVaRpVwbPBoZ1RSDhvDgDUfcuCm3XYIMtrFDGmOmRbr8DVyDfMY42aqF9H1a83AiqHwi28sEOeaT3mJuHVUtK2jZbGjuUOA-6KXUquUSwXKw-R4W2PikFELUIdjxaP5_1i1KSQRFU06UuCidVGEtLmzl0LxRnoSGrfIHJ5os_OiPfG07GyyVEeoZ2DYA7HpxRUj1t_M_fP055Cexk9WeBD-pgfa6hTR7rVa2FhwASD67HYuwTgBAGIBbqoiPJIkgUECAQYAZIFBAgFGASgBgKAB-aC0fwCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ9FbSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoByAsBogwMKgoKCOS0sQLutbEC4g0TCLitr5HihYIDFRAP4AodtqMPHNgTDdAVAYAXAbIXHgocCAASFHB1Yi01ODIyMjQzNjEwODgwNTgzGM_UaQ&sigh=fOesV0ZRrJo&uach_m=[]&cid=CAQSTADICaaN4ctS3kNGNKT6P2cD8UdOSSbLLCRDhLdE2NasRFOTRxwxXUEJzGeHaTu7q_dEYLOjJ3X8Jr8dauXgj73v0cKQDk17XfTsqs0YAQ&cbvp=2
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF97 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxVL-fwszZZXLDJGq1PIPzqSssAQAAAAAOAHgBAI&bg=!gYKlgs3NAAY5nEQaGZw7ADQBe5WfOLMHE8wpSomzjk1SmAOjzp_ag_cS0_f_YfstjWi979gyOeg3n5ZFFIDzDBAJPyIYAgAAAYhSAAAAA2gBB5kDGWHdVaM7St58WaT-KwwUwtDmXNE2Ut1MXoKukHKCPnrknf3ApMA_C0KSaiL4NAi-zuAVkQEuSNNUvKcSRmbqFnxwlM0oziS1GmejzQ9oAnq2rs_QvA5R893WImvE4bi10rQdoDZxyCGvHkXjCNyv2g5m9y9a7EmCk0pTtYq1NsKwwsWlCDDV5iqL5a1E9st1xCqIlNBnhFzxgoMGhTQq61o7RJq66YdnLvGQTxLRqKF8vQEuT0E7Ymoj5c_mpsygYkkB32mH9W7abCzZeWFbMCQcg5gIQ3VXbPgG6Niad29B6Hmoch8geef3kvN3IoLHvAVg5Vs4nRtqlGNSz25EFGmWnctftsEPWR6tZnzaUBqsIfGlCimglFerBuZ7hccWLfogOl58EOehL8jCCS_YaJ7dq12Q6dSIrq7tgBXu2FRA2uo6R-i_fO2k98xkfABEXKgMmDxbu3csLDqUQ4kU9p637GntSnas5Qqsps1cVFdfxs8wGYROLWxi3xtb400o6VhhReL-sHSVD6jXO-ToSXkh0F1zeqBadwbJ71T4Rctemynl7pHrTS8Z6TPJj9yBKPvlIMSiWrcswuvE2zhguVw47HQLT8A8YaD5LfuiKCZ1x2wEtuBYR3OmZfPPyzxVGTqBIkEpFMa7sNBWZe2gATDaSnYDtf0_XbSXJFO04HAMSzrS_tVzTQBVwyQnV7dV5l4wqFNLWwemaz1AjZXcEplqfCPLpNhFYLFaTM-Rkri1WSLI-ORZeODyv2PI2HGfaQUS4nmNyTx14N8lKacvSssfQHgRxAyM70AhhBLdoCekR4pM6AqhAFT6yO6FzyQprKogJlsx5RaEG6KlFdTgUEWOmKLA5o0QLu-EVSbVMAP8Ab88Nb5xJ6g6WqvyGWOgAYzjDsVCDKfwLpcvng0RlPXndlL8_82DGsZRbk4D3RSTmWTeu77SswsTg-MtlbnQZ5i9JJ-hBfyPouuGOswf3ILDwPl3pAzsyO86eB4px8J6OCx27tCCqJSTmxMRYriinemGJrSWeMgVcCKdAzz9ZELoFf3NYTbKp_I

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 7822 0
616 B 155ms
64ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 20 Oct 2023 23:21:36 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972D784:BA70_91EFC182:01BB_65330B80_30818F9:19772

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame 3842 0
616 B 154ms
63ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 20 Oct 2023 23:21:36 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: D972D784:BA6A_91EFC182:01BB_65330B80_3048AF1:1193E

GET
H2 200 / Show response
adv.office-partner.de/ Frame 8FC9 930 B
931 B 171ms
38ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=fbdd289bbf&subid=&uid=d9384111d84de849&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQGxCfwszZYfYGInE7gOgzpXADablvaBplZOcp8kP8C4QASDWzrdOYJWSoYKwB8gBCakC0I9ASjzGsT6oAwHIA5sEqgTNAk_Q9Um1bsz7vH6dHWUWDc2EFJn1XDQ181HZi_iTLKqpqMTfz2xbTqHV9-0w9vQ-7OAhXczeK9jgdzFUobJ5c3x-5Nn4UVqxvUEXfGnEaZFqxDb8CLBjNgw0oRFEpzrvkub9Leo9fsz8FLw1YudEMgfBsnISAy5t7ogWbQDJvf-xX8tYpK9KAQ-QYXSXzp_d5GdBIsYXg3pGrHE5OgzAUTgfprnfQXtddYLHB2kYCchWaKMMhp-A-Yi9jIYNRMY0GPXIMbZxxWu17XDe_H-kAVTlKo10nVu2_VaaRE7UurnIlAYYDLnbnG4UJ58hZgTkCtkLOmInW0g0T84GFiiugnvsnhU1gIRA0DoLt4ulM4jJsj32Bvki5CJZ9TErV1jOuoGOAboe-1A24NudPfeCeD9m1LuApdlp0yqSEi7YSFqxZeDxXVzXWqx5cCnUGcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA5gLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRF4g0TCLSpr5HihYIDFQmiewodIGcF2LATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADICaaNprOdktcOGjqltSMCgj6TGK4dVYy4CCRGFx_6OKmVVmSmE1JtqjkSnmyOk8vwn5EoMJ9iRaykk94kpf5MNad0zXenLZ8WmPMYAQ%26sig%3DAOD64_2mb2iE-6F5ON82C2UNMXSzdus5jw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CwFznSN1WN3mVWHdDm9xxwqRmwLngXB6VDdlOGbQWx_AVqZqamuQiDUiFn3aITfQNoMM3INAz_JyTmznhOk51LBlAJIQaXtDbZCfCuymCgZHMq1gdlq5co-GSF0HJ2vaX9KwhsxFjbVgMKlNx-8QUTEW30uMLfX_aCnW1Wr13WVSh7uGY%26cry%3D1%26dbm_d%3DAKAmf-DOEVfxVBb8Ygej02ECbDDmsQ99Tr8emsQS-7nof_gl6oyMQedl1X2VJzlKreFNozUOQpHbw3niU4A6bSKxelJ89F-98_9wy3ijojwR9dF69GpoH1K29D0OC3yDseyHuJrbOXh3i_RnESfoQnpRtKDy3mE59tvmVHCurad3RzvB_vMUa8rkH00utNmznr9NPSw08DLOllIByhRbRCZvvfNnk68qWCAxFBU6jrhY82iCwqz6k4FCvFAs29Jz1lo6ZY90fVJAr0ARceJ4vI8VzIGpJFB0UYPi6Im_slJpfMrLnZ-QF_p0P3ceDPk80o0LX1ayh2b7_mPHDxVXYG9OnGlBgV-kZpf0vbC7fcOTvLF3i26BVjZLctrmdAq5ccaxmlBF8JhFywOLXOZhrKBfaOYjT1Kad6Vq-iCduARqPKFwT6sQCP3CkBHivlee0TVdXgJrQDO4EyUqMzs94YQ1GthFxIptlkf4HjVn8z8kd_oQxpzeUK__YAvVIxqFxp6FiS5QXACBVDClO4x51WXvWPKHlsUCPKVMPmjK--nsSOzAs5VeiiTHSU6EkH1TZ8hVDqxdKIJW%26adurl%3D&documentReferer=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&ancestorOrigins=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br&random=7685693624757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 20 Oct 2023 23:21:36 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 27 Oct 2023 23:21:36 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame D5B2 0
616 B 156ms
65ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972D784:BA6C_91EFC182:01BB_65330B80_304775F:1193B
x-iplb-instance: 40027
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame D5B2 43 B
632 B 157ms
62ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=16421100004313004444990012484011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972D784:BA6E_91EFC182:01BB_65330B80_3048AF2:1193E
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D5B2 43 B
702 B 155ms
61ms Image
image/gif 23.212.218.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=16421100004313004444990012484011&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.218.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-218-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 229B 0
20 B 116ms
115ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJfaifwszZaqxMd2c9u8P-c6HsAEAAAAAOAHgBAI&bg=!UVKlUh3NAAY5nEQaGZw7ADQBe5WfOGzeIZRKhUJZKQyL_asEk8Lgq-a8UQr1lZoaqOfXfFo5eKTHqSvY1qxkXWZBC429AgAAAM5SAAAAA2gBB5kDJTnbwuj7Z87lrXhb0Wd5NsViZXcVaXtKXbEOcPAZsIUAbRxmx48j7G1FqMUn918JuH3qOiHEl78vYt1h_pEj_wMLHcGVMoBWsk7SjclCPk5vFQd2AiFqFYZpNs0iaLjthQE730pJk0lTRT1d0pDMNp52LThv2AJYNipQKMdUKg61zcbw-RnGX_11P81gfsq98Aq_x1AF9NnphyqeqpLDv_ZFsBzDKh6AM-_dDY0timfAti1hmpQb1EkVuedG4DRLQCy7I1vi78y3mtKvSkIAkFrinN-kd3lvb-afk1gKMG3o8vDJeyq6iUE7y30Jo0jjgElSNyWAK-VVoIs19CRstY09-aSps_b_4cxRf3g2bKnR8PgEeer3nquWo9vVuAWMybtzpqtRTSjH4Lutykmq_Mw_z7cagv8stC-8vMZfQC3MXjrqtgTX5pJBohOswL7kiaGMk-woGiB3aLbBvBnDmUOpen-0VW6-QqIikwqDXVtaA7EwprxX1z61ACNuQMM1dH26LUnCFfiW8hto38uJ8qTE2JVl3BIfWLqEQWmQmFiDLCOfVDaOR4jHtfWKwOmjKFDyWtDzgAljWtgr3PJTNdb3-tckPtmdtmxlfhJrN6t6KCkHruWlywcjMpSaQxnnSR2TGvDQYzdNhQMDsBkga0tsb3QJ93pFBm0o4kVrBOLHjGM0snaaGBIwOphkF1VfUCg0SubT6QH65NmZd0tZnQNvFt7y0Kn6U6ZzPzcNEXl_f8JAT5eWeKuMKm-YwBB-doEkUlo1vUjfnzTtU1Sy_BvE88yoGbUJkgLvHTsVzlrwC_9Oy1qgSUKQGidwr4kPyg1D3GrV0Cijq2kJbTrGGLezQXJyeOBjc9v_xEQeRFQHcnkveAeYcMbqV7G7cL_0gqZpD5BH8pFhTgP65eLKYxXvLWqd_jBYNa2EZiZ3SZEb6yALbJTCqZLrOEGgiFrrwnrwCsKxMhznqwleqoALLzWKBUwwIzA0jNZTlIr0f5lgWyf8NQb1fUOvN7xcQ0isqoJ8QQmDTOxcl2CY3Rww14JrHOSnBrtix-0uYcH1epui-Ci-oWE

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0EA8 6 KB
3 KB 25ms
23ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Sat, 19 Oct 2024 23:21:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 41ms
41ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 4854c53e-7002-46bd-a100-fb43d02f897d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
711 B 41ms
40ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 76041cd9-1914-481b-8acc-06210317940e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 118ms
118ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 119ms
118ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 52ms
52ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff84097cbb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
824 B 41ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=2&alt_size_ids=1&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=541aa7b06b13dd4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2599919516533722
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87a699bdbce507d8254a346a608dcb17a7257c04d5e5009303f7d7b6356f403a

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 34ms
34ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8856 640 B
265 B 45ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:36 GMT
expires: Fri, 20 Oct 2023 23:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 0EA8 23 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 0EA8 7 KB
3 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EA8 0
0 80ms
80ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7udKHGhGV8FAVMzRwhfiesss6AF9nSmlKpFgBF_igBAUQ_P9r6aGdY9RxcnY0svXuXUWSoC2WhYsHXEleJgh_rkLaDkRVlY178YBWSxU8EV69s0UQEBH4cbQdhK00yIuQrxfCKpfl-JKzAqoQl4H-LhrrBJ3BDFqFs_Ak3ykGiWJjDYU3BWSjYEmDLSmtk65MRv_UlfXKbDLcPyaIH9MDe9zXzBEYGJgEtL2LQCpf0A3S7gzIvy7AJJLELmruuXfHOUM6cAkDfHKu6vrwjrDuu237GrYuoz0lvhoV7NRKIUTGdcSEW8JilaJG53yAIXHgXaPBqePlx4Tza0Z0m1tWpERVW7sElYMjHIyrFJOVb9CKv5EOpdKBYZhB7Wp5LY_gZ8rmX9aLNejWz2-l34LUtiPXzuKaLR8-9gdQB_Op8zW3229jK2-5W3HtcSXLlCrR_LlJ1TzWWNppx1brQ1-LhlEKwQI7L2EU4OT7DXN1RsnxhPCgnbMMj-8QclCAmocXNaPa-KHjFpfYgT9sLZ9w9r7wNn_Hwp_s7xQDQo1-ixq7nGhmoB4rWOdMoAhLnXlQRKD5Od3U-n_AWZjaqgt21YvNlv-GMq7_40q5pha4uq08BbzwoNkxgJLNCulEB6jySHaaBZSYNPzRNHOGQcaoVHpBmvsEaA3OjzFGDhL0L7af4QW8wDD-yg4V_uWQNCxb7LDEM_pHEuVwZOlaEsHUVmRrpr5WUHxHa6f8hXWsdpdbwzeCtaSZX7YvP7JjAjY2ALvGe0-xmybdLGD46R8s8K1Wv4cMI2LjUXyu3tSf63vV_qU4z9TSUjTGn9MQeREc8J-QzhPxfAu-xVz3CVxm0EZskZzpfyb1cBvrCLNx7o2esYPz6mzpb5b3I5NASikndew0bsXgi-hOD1MDuxVGhHJBOg7Di-Ybri_UiWAyN4YT2LPpz2U-Jfk5yFHs3SGquPUb1UcDzEZ7UHSu8vOqSTBqKtIGt_B4f5mUaoc6SLcJt4fwIZXP1so7D7lmols3-BDBkqiCJJpCVskcCij33CJMMkYyN6G5rDVDItaK0qsCIDLgncan_2dx2PW3DJZ3THeqF640byUSu0BUnUU361iIiSergf_gatgTrENiM13DFH7IQGgNCfpwXcoNsrhqcnuvT8F4TZGhYO3JiOQ5whF49i4f3H_k8brXJJkrQ25FgysL7DqF9ISByyG1-mSdfzNlXnHkpJwCCGNV7U1np9BixgC_Xws68rj1xvf89_nrMfTN0_JyvLaRmStY3Btz5JOgHCa-A16A8HzuvT5UKa7F1icD0-DN9erlaynXZuK87zJkDisTDbGULWf5bOmjRtYa5fCP6yvWpo5ZUhmlFthHwf2eqHeriqCllzuhObF5oAYjnBXQ0uz4cgiIdxz5HJMJabzupmUP3Mk7uN8mtZb4t-7NOrF7ZT0xppsFZP1haqzodfoRXSdAVhXF_r_RpFpl4yuJJSN2xtTLO4AoCrXpjoMES8ZDI3ohWZIJ-j-RSJ452p06NT54WsvLqQenk5EKuw&sai=AMfl-YS2b1nYM-B4NzBgbRRVvCfPs3_me4B06QV5Y4eh2JdrqTbvxXxMdhxWbyDzHVNZEKhBc7p0cF-qFI92yKwzVcCURPbDYp8cx8AG4jE1cAHGYFHmSrcxjO8nRGE_Z4jVd3-R9ONI-GKgiyJCSaRF63CRA1CRXCjIUqbfjX0jqGhhA4h_v2g8Qyxcpb7QS6N1S-BUbxY7HWE3jyNkm5GyAny9Wf8ULIycYxKzK9fbnFvxAr6XzOe1BWhnZr7mpNketIUPlRJK2u1ZF0KVlulRkI8t1KAFwU0u9JxkDcOtR8nI-wnBvG_19V5VkVzsnkZGUfY_dd4BuT3ZZJohgU1T1lKY4ApVjx_P5MQbuJzh8qbBYKBpbWPwcix42TkXnb82uJ1b9v0_dToIj1GzUP6Lu11RoVFq3PxB0DBh4chWuZW9IsR18JThOvOlzKVP8Arrkp7M3zJ-VsVyIqYXWwuNw5HXbcgUKGbpWDEpzLw-&sig=Cg0ArKJSzLrYYOi4w4DNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231017.67635&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EA8 41 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:02:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0EA8 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 16:56:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0EA8 20 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EA8 42 B
63 B 68ms
63ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnOKGYwNQstDvx8RrTzIodBlr4L30et2ruM-RmL_97trcWWq7M-QYbNQrKVd8QzY-RCJyG7lT2Aw3jHDZdD3u8shSxHBcKA5pRJ7ozDGoNYYh9jL4

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA8 187 KB
59 KB 51ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:36 GMT

GET
H3 200 10996010031255524624
s0.2mdn.net/simgad/ Frame 0EA8 133 KB
133 KB 35ms
31ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10996010031255524624

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

048d9ddb2fec6b4debb3dcee23fb84252ad4c0a0e0fa443d652ef7879f07f0ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:43:52 GMT
x-content-type-options: nosniff
age: 171464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136316
x-xss-protection: 0
last-modified: Fri, 26 May 2023 08:21:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Oct 2024 23:43:52 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8FC9 175 KB
63 KB 41ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c0fb52a345fb6edc28ecf375d99ce417c45f70c7052f4934763933bf4c974eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64324
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 22:18:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 23:21:36 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame D5B2 2 KB
2 KB 238ms
116ms Script
text/html 13.42.246.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=16421100004313004444990012484011&nw=1
Requested by: Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.246.66 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-246-66.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 96e9f114b577f1eef812afa6b1dacbef2ed4088ad2ad705305c3ff27987ff0e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
last-modified: Fri, 20 Oct 2023 23:21:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 20 Oct 2023 23:22:36 GMT

GET
H2

200

activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22 Show response
5994599.fls.doubleclick.net/ Frame 58F7
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22?

390 B
328 B

55ms
53ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22?

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

06ef2830fb689dd07be27aa26233460f37071d0edede6c57191d0b6f6ca0a496

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:36 GMT
expires: Fri, 20 Oct 2023 23:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame 36E6 7 KB
3 KB 112ms
37ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Requested by: Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a1c9908f072a74d69147eac3ee64455290bd6825448785c4c6a669321ca234d6

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2225
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Oct 2023 23:21:36 GMT
Expires: Sat, 21 Oct 2023 00:21:36 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame D5B2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2d43cac7a53146ce3eaf2626b1d3495079b1a2d40241cd5badf0843d6a10277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8856
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiO4B26VrSyX_p4keQ_rjE&google_cver=1

43 B
114 B

58ms
39ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiO4B26VrSyX_p4keQ_rjE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELiO4B26VrSyX_p4keQ_rjE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 8856 43 B
304 B 116ms
38ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8856
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEG12jNttYzjs7uX0vB5ZdJM&google_cver=1

23 B
163 B

54ms
54ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEG12jNttYzjs7uX0vB5ZdJM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 23:21:36 GMT
pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEG12jNttYzjs7uX0vB5ZdJM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8856 23 B
163 B 59ms
58ms Image
image/gif 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLWyPMDEIG6ltgEGJWLiOwBMAE&v=APEucNXgTzwE65t6ImEUjmzZwhp4GVzCB4aoEd5ttEkCXiIBqZVhjhy1MhKJlNIFJt2F0QJ6oDNIt6sxu3B7UPCTdRv4x9_tpT2UGdyIxfVWc8ZBhGNyVnAv6ZI-4qw9eh5YuLm5cazwR--E0UqzHI0zFy6a4iSNcHaQgSq_wcEJoPd7Rj79WM8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 23:21:36 GMT
pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0EA8 0
0 71ms
69ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7udKHGhGV8FAVMzRwhfiesss6AF9nSmlKpFgBF_igBAUQ_P9r6aGdY9RxcnY0svXuXUWSoC2WhYsHXEleJgh_rkLaDkRVlY178YBWSxU8EV69s0UQEBH4cbQdhK00yIuQrxfCKpfl-JKzAqoQl4H-LhrrBJ3BDFqFs_Ak3ykGiWJjDYU3BWSjYEmDLSmtk65MRv_UlfXKbDLcPyaIH9MDe9zXzBEYGJgEtL2LQCpf0A3S7gzIvy7AJJLELmruuXfHOUM6cAkDfHKu6vrwjrDuu237GrYuoz0lvhoV7NRKIUTGdcSEW8JilaJG53yAIXHgXaPBqePlx4Tza0Z0m1tWpERVW7sElYMjHIyrFJOVb9CKv5EOpdKBYZhB7Wp5LY_gZ8rmX9aLNejWz2-l34LUtiPXzuKaLR8-9gdQB_Op8zW3229jK2-5W3HtcSXLlCrR_LlJ1TzWWNppx1brQ1-LhlEKwQI7L2EU4OT7DXN1RsnxhPCgnbMMj-8QclCAmocXNaPa-KHjFpfYgT9sLZ9w9r7wNn_Hwp_s7xQDQo1-ixq7nGhmoB4rWOdMoAhLnXlQRKD5Od3U-n_AWZjaqgt21YvNlv-GMq7_40q5pha4uq08BbzwoNkxgJLNCulEB6jySHaaBZSYNPzRNHOGQcaoVHpBmvsEaA3OjzFGDhL0L7af4QW8wDD-yg4V_uWQNCxb7LDEM_pHEuVwZOlaEsHUVmRrpr5WUHxHa6f8hXWsdpdbwzeCtaSZX7YvP7JjAjY2ALvGe0-xmybdLGD46R8s8K1Wv4cMI2LjUXyu3tSf63vV_qU4z9TSUjTGn9MQeREc8J-QzhPxfAu-xVz3CVxm0EZskZzpfyb1cBvrCLNx7o2esYPz6mzpb5b3I5NASikndew0bsXgi-hOD1MDuxVGhHJBOg7Di-Ybri_UiWAyN4YT2LPpz2U-Jfk5yFHs3SGquPUb1UcDzEZ7UHSu8vOqSTBqKtIGt_B4f5mUaoc6SLcJt4fwIZXP1so7D7lmols3-BDBkqiCJJpCVskcCij33CJMMkYyN6G5rDVDItaK0qsCIDLgncan_2dx2PW3DJZ3THeqF640byUSu0BUnUU361iIiSergf_gatgTrENiM13DFH7IQGgNCfpwXcoNsrhqcnuvT8F4TZGhYO3JiOQ5whF49i4f3H_k8brXJJkrQ25FgysL7DqF9ISByyG1-mSdfzNlXnHkpJwCCGNV7U1np9BixgC_Xws68rj1xvf89_nrMfTN0_JyvLaRmStY3Btz5JOgHCa-A16A8HzuvT5UKa7F1icD0-DN9erlaynXZuK87zJkDisTDbGULWf5bOmjRtYa5fCP6yvWpo5ZUhmlFthHwf2eqHeriqCllzuhObF5oAYjnBXQ0uz4cgiIdxz5HJMJabzupmUP3Mk7uN8mtZb4t-7NOrF7ZT0xppsFZP1haqzodfoRXSdAVhXF_r_RpFpl4yuJJSN2xtTLO4AoCrXpjoMES8ZDI3ohWZIJ-j-RSJ452p06NT54WsvLqQenk5EKuw&sai=AMfl-YS2b1nYM-B4NzBgbRRVvCfPs3_me4B06QV5Y4eh2JdrqTbvxXxMdhxWbyDzHVNZEKhBc7p0cF-qFI92yKwzVcCURPbDYp8cx8AG4jE1cAHGYFHmSrcxjO8nRGE_Z4jVd3-R9ONI-GKgiyJCSaRF63CRA1CRXCjIUqbfjX0jqGhhA4h_v2g8Qyxcpb7QS6N1S-BUbxY7HWE3jyNkm5GyAny9Wf8ULIycYxKzK9fbnFvxAr6XzOe1BWhnZr7mpNketIUPlRJK2u1ZF0KVlulRkI8t1KAFwU0u9JxkDcOtR8nI-wnBvG_19V5VkVzsnkZGUfY_dd4BuT3ZZJohgU1T1lKY4ApVjx_P5MQbuJzh8qbBYKBpbWPwcix42TkXnb82uJ1b9v0_dToIj1GzUP6Lu11RoVFq3PxB0DBh4chWuZW9IsR18JThOvOlzKVP8Arrkp7M3zJ-VsVyIqYXWwuNw5HXbcgUKGbpWDEpzLw-&sig=Cg0ArKJSzLrYYOi4w4DNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&vt=11&dtpt=72&dett=2&cstd=1&cisv=r20231017.67635&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0EA8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67786c69cef6b361e5480d29eae387c463c5208fce12203953c23122371c10ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0CD0 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 00:02:35 GMT
expires: Sat, 19 Oct 2024 00:02:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8FC9 273 KB
91 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d72f2f8c0dbaa53d7cbcef1e314514f8d40fe231ca04a7726cb7c70f1124b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 23:21:36 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 32ms
31ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 118ms
117ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
832 B 37ms
37ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3787388fca17351a123c52a64c158526bedd034f6454740d4051b3f38a2f4e0e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 514a7cce-ac8c-4b2c-a5d9-4d45e5905adc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 392 B
807 B 46ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=221&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=64c18e172413635&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5906248208410514
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02dbd52e663d638a7190eba7acd734ea222096dea2939c335edce9e3ce140d72

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 392
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 46ms
42ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 71cffc2a-80d7-41df-8453-cae3d43029e0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 125ms
122ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 55ms
51ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff853a76bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ Frame 36E6 5 KB
778 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 21:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 23:21:36 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 36E6 64 KB
64 KB 239ms
160ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0ae3e3aaec4b8b1d5e14faa56ffb092cc37e9d5d430f04137e0446c7eca6831c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 36E6 40 KB
40 KB 225ms
145ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3926365716d32636fc97fafc20ab7bc4bb53c3391076ce17fe9367ec0e0ae777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 41145
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 36E6 37 KB
37 KB 285ms
205ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 002c29a005b685baa52e5ff0819c59fb3cfa8915f38c648615302bfb09b93b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 37453
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 36E6 57 KB
57 KB 210ms
127ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d89c97bd96db1b12de096bdd804361857a3898ecb7399d8d030a4621861a2e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57898
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CD0 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a18f3ffd02241732a080bbec99aa38434062f48195e841ab52b6150ee53bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 03:15:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49C7 42 B
64 B 128ms
68ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIb0pSuLjtfclHCF94DNgMtooPWb5pWMUvqRs3p-4o9-wDHB-mXJt5nWutMQd05tzGl3bK6AcUyaVUcoP7zUu5zC9dHREmljxB5iAq9-by9KXrUSSyU_z_34ofZz98LgcQwfn9u9xweXBo&sai=AMfl-YTsZ36ZgML79KH_mh5X5rGy9-Prfl-auZYohNY5YkgD5BDQfK-GoqUsLMzgoIlsbTdEhsZE3bfRpe571XNxncbvp2lEZLj8JH16QO0EKJSKTqBThWyyu_wwvaP02bJSJ346_UASjIqQ61FvSg&sig=Cg0ArKJSzHl96q6LATUUEAE&cid=CAQSTADICaaN40yYH_3ikYoGVcOkzOs50RS-JZgsdE2wW7uLYfuQamvRgrN-6w0gt1DFlgu38rgztfUgTe_Nq2k9G0iQPVC-sVUDlzpkNkoYAQ&id=lidar2&mcvt=1040&p=569,436,659,1164&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=2394117401&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697844095552&rpt=300&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 36E6 0
150 B 125ms
41ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=16421100004313004444990012484011&a=94fb2afa&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=16421100004313004444990012484011&a=412d29f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22
adservice.google.com/ddm/fls/z/ Frame 58F7 42 B
401 B 134ms
68ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CP-5mZLihYIDFRwXBgAdyRQPUA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4508107646724.22?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 40ms
38ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 48ms
46ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: 45fc6419-d8da-4c6b-90f2-80faf355fc16
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 127ms
126ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 65ms
64ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff85fb02bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 124ms
124ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 47ms
47ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:36 GMT
an-x-request-uuid: c2e67ab6-8b5e-498b-b6f4-2e243c23ff1a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 422 B
837 B 44ms
44ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=15&alt_size_ids=16%2C43%2C48%2C117%2C159&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=84701cca1ebed5a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9132670430677305
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3094d7de8a2a2bb99eef715f100745059802df8d1b85cfc15bea8680227ff0f6

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:36 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 422
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 36E6 14 KB
15 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 1010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 23:04:46 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 36E6 15 KB
15 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 70835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 03:41:01 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CF3C 28 B
54 B 43ms
42ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dd34ec3d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
X-Goog-Request-Time: 1697844096951
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NZPi-h08p14?feature=oembed
X-YouTube-Client-Version: 1.20231015.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIZVp4bHlaVFcxOCj-lsypBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697844094671&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1156%2C650&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 20 Oct 2023 23:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 20 Oct 2023 23:21:36 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D5B2 53 KB
18 KB 140ms
37ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=16421100004313004444990012484011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:46:27 GMT
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 08:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 81311
etag: W/"6aec565d06e446dcf33391d1dafb8b7d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Nj6SVffg7lFdQFEws8kZBffLiv2k8awISSvoCs1d1nXAR4YpYBtXHw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame D5B2 3 KB
3 KB 122ms
33ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1697844396&Signature=m4WfNtsSGmtRDNp7sHs9MvkA7zto1hw7WLr4rWAfZs21x4WCBYKQuvRRDsZooCjYqX684L1cCYt2jYsbvPJ~oTidb06Gj6OKMRPamDf46Ue9NYVea0qOzc3kGaZAblX87ceIiFfmQxcmfQOUvUkzEIc~uumJONU8GqQAUCUCqj33mH-dLJAR3gqtONNk2OKlbocBGnnPOW8aWo9nbO1O2ukaj1s9sTXoFvpOCYaMF-~Hk1eMhmRmjk2Cs74xlYOmNDp7rWAYrb4WDxq~TnuE5Ps3dbmUIFCk-xXYJ90w~52iSAGPRFXitPMDOa-4TFG1D8m21VLJ~WAvCnuTybjVeg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 20 Oct 2023 02:12:46 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 76132
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: ipxVDNjbRsuFRUowuNH3yq2op3IMQrHAdbQFdKNg5mMo4vILxf0Vjg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CD0 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGzjvgAszZdiWCK2X1PIPgpCGwAQAAAAAOAHgBAI&bg=!RkWlRQrNAAY5nEQaGZw7ADQBe5WfOKc-2GoiCJ3U-FGTFn3IxmiV1BX4GmXeHe2fjP5q-BbqRZQbxqsoMi1k6rrpOCgtAgAAAGVSAAAABGgBB5kDKBlS1-25CzdCQa1Z7w6a4uv5UtUh-pkfEJNQ17uoxM2RqVst4ep52E_Gd6DO2k1NjXQ6CA3aa_Ut0MzeugsLE-YpiUOO0h3cRfhCwlC437krlGwSo4C-D_i5RlJGlDlhiCYK6vnG8udW-4bj6-Mfc9j8wvHMHSFavjxC4E0CcuUNWIPWCLjRGAFsQGFZIvZ4xaubXOk7I2ygbnfwDSdZgskHn2lLKaTxdZB7fqdFsBYdHo4o1viKj0-fJeRN9-uISouVa00D-yOJpbAtrjK4Z-EFcDtNTzuizw1KZpZyeH3DdCQwGm7_GvaQcFGuwJEMu0LD8tHUEz6Y01M4suFawAWhLrPHBxBdiQ2l-DBL-2jYZGGJFTbpSeKLMaaRjc-BLDBtK_aTpBFPPi7rsyz0pDni7iRsdZqJZ9Uy_nJadYBtYfUQZYvqa2jvtB_dNvQTFrVQgUATbvu5DQUj0PvUjSqqoghUq8ToM6ijWEFV9F_BfhRP99v2495joSJ1mUm3FDZWF_4U5mCpnlQZGO8RJcTuwMCrFgRwxdAyodLM8YHKs4nzCHdxhRw9rM3z5vnZG1o91WJe8gu2woUlBxO0GFKB7ERqcJP9_r808zBi7k4j0rxEciDCKgdNI60wJJNhyWK9pRfT-SlvBkmeaGrA7XO8nIFGsFbHxiWohPRRyxj_1WHSLFqKFziWcbijlpQRGFFxImsGvIzeJMUYKkdOfcQfGA50-ygLpQg90GYDRBCOgfSRz8MP6WEr7ud0RmXPiLpN3ay903tlIke7nB3zCqGEvzpdARnx6ZpzpdKVJkQcGkIKvbMJufB0-c4tUTgJ9m8nFs5a6nY0PFQkrkZIEUhxqc8VfYIKo2c5NBKpkhldB32Rgt566bT3k7VFu2IWQaBolc4cbr6hIJpsLgc1WI9MGPmHaWRGROmBxIBa3QPyAL9-NC8Isryi0kwvPyNk9LUd94QULU4NhPebSjiHHUQNFrEDYA7T7JOTos4BDxlkmMTYgfkasCHUGRBO04BDgvuU6K3IVhu2TYMWmvyfQqETZINPw4PlMsvPKc3fTS-L1kT0iHoaQAU

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 57ms
33ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 06:11:32 GMT
content-encoding: gzip
age: 61805
x-guploader-uploadid: ABPtcPruo5zs8b5r0JcUdIZtGfJRQvXdN8N0fzJXHyTaTYZOPNt6OcMOXCAPIUQv8g_tnhto33gWE4_7uQBmP8NnetWAJA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sat, 21 Oct 2023 06:11:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 44ms
44ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9d134193748f7d24ad60dfceb6f760fc994a4d0630b541d14ea2411e20789e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12342
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 23:21:37 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 38ms
37ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:06:42 GMT
content-encoding: gzip
age: 47695
x-guploader-uploadid: ABPtcPrHb1Cx8G9LR7yP27nVlO1VjGVkPPstceACqteT5HaEAeSlpfJ1ng2OfYWrDxdE19bwqvrufw3Q6npuGfwH12or
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sat, 21 Oct 2023 10:06:42 GMT

GET
H3 200 container.html Show response
367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C5ED 6 KB
3 KB 28ms
26ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:35 GMT
expires: Sat, 19 Oct 2024 23:21:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E12C 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 17:06:24 GMT
expires: Sat, 19 Oct 2024 17:06:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C909 829 B
559 B 40ms
39ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3232bd62b151a9a3bc340aaaeb0786340f4acf64acc0403c5f646bea437308fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dkleaU9CrJYF_so9HoxO6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dkleaU9CrJYF_so9HoxO6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:37 GMT
expires: Fri, 20 Oct 2023 23:21:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 u Show response
b.t.tailtarget.com/ 76 B
515 B 269ms
130ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: a64fb91991a6307daf89f344218507653cd14e4ca2e746e7c92c46f9e5f16bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
711 B 39ms
39ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
an-x-request-uuid: a5b211f0-1496-4c12-9da9-62e88c02f288
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 117ms
117ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:37 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 32ms
31ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 40ms
40ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
an-x-request-uuid: 210eee25-96a9-4976-b40f-ecc795f51140
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
584 B 119ms
119ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
824 B 41ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=2&alt_size_ids=1&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=96b0e5378881c4c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8365101648754765
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eec4b94845cc618d4c39bf28caff907e3ae842f7ce0ea3c2e5ad415b2a1d367e

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
59 B 51ms
51ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff891d72bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C9BF 466 B
238 B 48ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYifey5wEwAQ&v=APEucNX7F--bl9S4vqlpLDAGdUJ9zaKoJzf5EkKSYjHFKnr3uztEyH1xA9Nw6aFXCwjvG2Oi62vRPCxGHR8NyUgOvbNUm5lazqs9dktaMG6A_r8zq2mE1UqgiIR1A23GJOE7oPO6z88C17XBRCSOgvZWzkJ3ac66PIxJNtBq5klk3dUgY04poIs

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 23:21:37 GMT
expires: Fri, 20 Oct 2023 23:21:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C5ED 111 KB
39 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Origin: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame C5ED 7 KB
3 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame C5ED 23 KB
9 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:15:22 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C5ED 41 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:31:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame C5ED 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 16:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 16:56:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame C5ED 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5ED 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8wVzETf6snGU5F0tV5iGfJ6MTrBWA_uTiYTfQHxQLb8TwMifT-ER_PQlhY1E7kk3stQWcTF9f65a8HfEqeRGhYI-NJr7dsYdb5siQD633q1kjAMo

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5ED 187 KB
59 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
URL: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:21:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C909 0
0 65ms
61ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=1995642666070047&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js Show response
pagead2.googlesyndication.com/bg/ Frame E12C 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14703
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:09:34 GMT

GET

partner
sync.search.spotxchange.com/ Frame C9BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIAEiwiLXTzi2-ZupoR-sCw&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame C9BF 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame C9BF 0
125 B 129ms
35ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYifey5wEwAQ&v=APEucNX7F--bl9S4vqlpLDAGdUJ9zaKoJzf5EkKSYjHFKnr3uztEyH1xA9Nw6aFXCwjvG2Oi62vRPCxGHR8NyUgOvbNUm5lazqs9dktaMG6A_r8zq2mE1UqgiIR1A23GJOE7oPO6z88C17XBRCSOgvZWzkJ3ac66PIxJNtBq5klk3dUgY04poIs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DDD5 38 KB
13 KB 25ms
25ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 152208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 05:04:49 GMT
expires: Fri, 18 Oct 2024 05:04:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10683947489417618049/ Frame 5B23 17 KB
4 KB 28ms
27ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26f4321080cbb76b73cf32a7a07f07d7043703055fd88f86f7153f38bb5e8ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4305
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 23:47:24 GMT
expires: Fri, 18 Oct 2024 23:47:24 GMT
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5ED 0
0 79ms
78ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYSN4gzOh-96hIdG2FbgE2nnn9sEG-F9yTe_yD05U4T0IXbix4iz66LTpjtJLxsxE_hObeeOZ9XRp7CK47QQvUZTdkwa6BmD2Hlph9cb1WxpZtwLAJEXGDe6WwGk1Q0KOjm7zLeDFzWXAruZtP0gad9QvOG5mGNQYInGWvhIJco4R_888-dx6plubcHv3K-WcQFZbYW1e1UVxJ1WgYNTpOxyUiEFzUjM_B_YDtmoSfL3suSpiGHy14dKB_pwkj-OwHJE-evJCPt3QfUo7ZwJYVS9cNXcvROMMEX9EXmacjiwYZ7Gy2CRjVcfOIcacvxYQ2hP78rE_L6yCmsbeeCaDDwFb9pYikp3a3lln6GXq-RGmPf8jS22byUO2ob-ojsjfCU2g5oVM0tK0pTlViigkpxwJ_Vfs_xbiElzIq5LDCAAy038297V9duDhGRhAuLu509gl69sb957QtWIJ9jy7tczycUgezxR4MGCUbkpo7QvzNXmolNnQunoSEYmooIW6KbLvRSG7K7U4w1z8qRKVPLzpTiMdFeDrdCQerirAKyD2vQWBRdtTkcBRSuQqA-BEtTtIcrH8NhxOwhnhHj3vHL7giu7cTtbPorBcsoz-dANX1YFdWLKzxjC2L2QA8WihdXYw-RH5s_5g49BGKoBFY1QxN6o84UOBL2Uv036wTv0o7vB_JINOqwp4U8IYFR36N5YHJbJCA4FRfQw_rDgd-jPmEZmjGbxFihO20vFsdveFwKn-J3sEIXf3afGVCDH9zsfwGwhbE5inukfcZbzD2RS2pfFZ-XkcAS_RmoLf-41WwkD7ROVtyEnqudZyK-ssdTcM6m6QsOprfZ4lyNAkjr7mRgcrSTX2Ttu4sKc7iYxT5XaAy2yyU5p8vdgVhKfFJg628EB-ct7Tk32FMZso0kc4f8JxqAyrskOXbQU7591xx6DHeCcxZrnFmQ5SbDJotJlk8U-ai1AdumcHuU4Aw3RPhvQH6KSAih8GIUYSQs4lriVPOWKT-sNjPEtUVDw9OeACpjKTuHuNWUHyqVB5EJ48NTsDLqh20Cac4x8xQ5CFN2-rjvJUNh2AEM93gdjzEZzinb5OY0fbaBpLF2d-3vPj5wfIyUAcBPKoMXVFzHSvm3UPamp6fv8cwRnOewg-5hJI3KP2hHiFHNs1qToOJvJriSdMYW0z6CkE7Pdu9Aup73i0F0NwaKFjl-V2VSTXslWwA7LeI6xg0f2qQPRkE06Oe_bzhLX_jlJTU_u7SzzVtQEscUtpYCy4cNNTlPXNkXvizi7qaUNV3LmqFYrGuIwK_0xOsioCHOj44bKC2cEgLTjlU1fbXx9ZhtfTNw2XYw--vN3ABvZZ16Mlgz9DPx7himh1xFdMXMPf0g3F3cUHRqkfrr8VKp07OsBm05Z560lNq86q8a1FvyN01iYPVdwT4uVBs4aTuVRdEBZp8574lPzW5T9y7LpveWY6VPw&sai=AMfl-YTsZmt8fqhzoUpenZQBuIv1KjXxMSmdfCnUnJTmBKjYXgGPwocCcNiaHdm4_FeAxZhhNadO2B6Q7H2N2-wqSdWiI06R_Z2TtNBtuoqOAdZBJs4TZg24ihe_VHy3XzxUrOUAMdnZY6tGiGUYu6Gkbs00yPEyb_nKQVy0z4PU4OOe0hE3cQP5wKjlimIMfuvSBur1Mlg6Z3Rzm7qNmrD6tnKtqxP-x-V_5O6Qjh_YZ8v9FkCkeL8FtfF2qHDCOFjjqKYxGlST1FFNZvfO038rkRO332ESZxZDpGL-7t03m455E5xCKyEFOJ-KZ6t7_uXIwl0TuF0fA7Kc1Xjh1efWV8uop5aE3LZ5ggVZwvbCDnm1FAI3IIznsGI7QGrKNj76Jvq2Uq-pRIK2-_JvymFsBHPbOaYXX-xM1taTXPXm3NDYtgvIWvUNN0Ov5XJhGXBoWQlbgAUoTcldNytY5xUN-Ml-12Rg_f-HpwDqbp77&sig=Cg0ArKJSzFgh88TuuPyQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&cbvp=1&cstd=65&cisv=r20231017.55979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 23:21:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C5ED 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1b951ecca23d6e0e1a16cc2f98df705c8b8e213a960baf84f78bcd3114f843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
199 B 117ms
117ms Fetch 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
date: Fri, 20 Oct 2023 23:21:37 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 422 B
837 B 42ms
41ms Fetch
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=447704&zone_id=2589306&size_id=15&alt_size_ids=16%2C43%2C48%2C117%2C159&rp_schain=1.0,1!denakop.com,10741,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tg_i.domain=controle.diariodocentrodomundo.com.br&tg_i.page=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&tk_flint=pbjs_lite_v8.17.0&l_pb_bid_id=102a233cf66546f8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16316388999595
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae6785b144aa75b0dfccba86b3f52f804b4d8c2ba3a01bca28fbc69ca286ec29

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 23:21:37 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://controle.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 422
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 40ms
39ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
an-x-request-uuid: 908d04eb-939e-4b7a-9240-de5bc462f147
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 39ms
38ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
an-x-request-uuid: 41a6f75f-9340-4193-a746-d8b672f8891e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 51ms
51ms Fetch 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 8194ff8a2e46bb8c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
384 B 33ms
32ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
579 B 120ms
120ms Fetch
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H3 200 4a9c94527c5bb3ece589f56532583d89.js Show response
s0.2mdn.net/sadbundle/10683947489417618049/ Frame 5B23 103 KB
29 KB 27ms
26ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/4a9c94527c5bb3ece589f56532583d89.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f97a1208bfbed36adde1345a778e2ddd3b5267b96fcb85abb1e4b3e7d261bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 00:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30082
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 00:52:36 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 136 B
562 B 135ms
134ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=1&tU=0100007F810B3365E706502502888015&tX=b.52&tZ=87220100&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 0b95d7fc1c40bd2346dd06b10d62a582fc1e3c334135efcc17ae4400ee5b4678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:37 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js Show response
pagead2.googlesyndication.com/bg/ Frame DDD5 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haGPP_0CJBcyoIC77JmqOENAYvSBlehBq1K2FQ7lO6s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a18f3ffd02241732a080bbec99aa38434062f48195e841ab52b6150ee53bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 03:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14722
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 03:15:22 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D5B2 16 B
209 B 102ms
101ms Fetch
application/json 18.169.68.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.169.68.239 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-169-68-239.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 190ms
45ms Preflight 18.169.68.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.68.239 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-68-239.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 20 Oct 2023 23:21:38 GMT
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1995642666070047&vrg=202310170101&nw_id=21622511100%5C%2C54925924&nslots=13&eid=31078704%2C31078968%2C44780988%2C676982961&pub_url=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&qid=CP_bnJLihYIDFVTUEQgdY60A6g&iu=%2F21622511100%2C54925924%2Fdiariodocentrodomundo_multisize&e=0&ret=300x250&req=300x600%7C300x250&bm=0&efh=1&stk=1&ifi=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B23 2 KB
570 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10683947489417618049/4a9c94527c5bb3ece589f56532583d89.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 21:44:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 23:21:38 GMT

GET
H3 200 67b27dbdf7ad3495a3699b06713aebe9.jpg
s0.2mdn.net/sadbundle/10683947489417618049/media/ Frame 5B23 27 KB
27 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/media/67b27dbdf7ad3495a3699b06713aebe9.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730a396aa5c910230ab2615409f4f8d8a18326d0941db61fa71e1335b1bb8240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:39:51 GMT
x-content-type-options: nosniff
age: 157306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27747
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 03:39:51 GMT

GET
H3 200 ad6a7273eae3b4955a000d50bc91579b.png
s0.2mdn.net/sadbundle/10683947489417618049/media/ Frame 5B23 7 KB
7 KB 27ms
27ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/media/ad6a7273eae3b4955a000d50bc91579b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3786a9c325ff55f9e24edd960578f8e76a34c3fd67a6763520d81bb28b82329d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:59:14 GMT
x-content-type-options: nosniff
age: 296543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7637
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Oct 2024 12:59:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E12C 0
12 B 24ms
24ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Zp15JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B23 16 KB
16 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 104490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:20:08 GMT

GET
H2 200 ca Show response
tt-11382-4.seg.t.tailtarget.com/ 83 B
344 B 163ms
135ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=571766985&env=_ttq_tteurekaads
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: dff06bf0f62966e1d484ed09a347b15e7e1a7fcf789b83b3c791c365c5292ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C5ED 0
0 78ms
72ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstYSN4gzOh-96hIdG2FbgE2nnn9sEG-F9yTe_yD05U4T0IXbix4iz66LTpjtJLxsxE_hObeeOZ9XRp7CK47QQvUZTdkwa6BmD2Hlph9cb1WxpZtwLAJEXGDe6WwGk1Q0KOjm7zLeDFzWXAruZtP0gad9QvOG5mGNQYInGWvhIJco4R_888-dx6plubcHv3K-WcQFZbYW1e1UVxJ1WgYNTpOxyUiEFzUjM_B_YDtmoSfL3suSpiGHy14dKB_pwkj-OwHJE-evJCPt3QfUo7ZwJYVS9cNXcvROMMEX9EXmacjiwYZ7Gy2CRjVcfOIcacvxYQ2hP78rE_L6yCmsbeeCaDDwFb9pYikp3a3lln6GXq-RGmPf8jS22byUO2ob-ojsjfCU2g5oVM0tK0pTlViigkpxwJ_Vfs_xbiElzIq5LDCAAy038297V9duDhGRhAuLu509gl69sb957QtWIJ9jy7tczycUgezxR4MGCUbkpo7QvzNXmolNnQunoSEYmooIW6KbLvRSG7K7U4w1z8qRKVPLzpTiMdFeDrdCQerirAKyD2vQWBRdtTkcBRSuQqA-BEtTtIcrH8NhxOwhnhHj3vHL7giu7cTtbPorBcsoz-dANX1YFdWLKzxjC2L2QA8WihdXYw-RH5s_5g49BGKoBFY1QxN6o84UOBL2Uv036wTv0o7vB_JINOqwp4U8IYFR36N5YHJbJCA4FRfQw_rDgd-jPmEZmjGbxFihO20vFsdveFwKn-J3sEIXf3afGVCDH9zsfwGwhbE5inukfcZbzD2RS2pfFZ-XkcAS_RmoLf-41WwkD7ROVtyEnqudZyK-ssdTcM6m6QsOprfZ4lyNAkjr7mRgcrSTX2Ttu4sKc7iYxT5XaAy2yyU5p8vdgVhKfFJg628EB-ct7Tk32FMZso0kc4f8JxqAyrskOXbQU7591xx6DHeCcxZrnFmQ5SbDJotJlk8U-ai1AdumcHuU4Aw3RPhvQH6KSAih8GIUYSQs4lriVPOWKT-sNjPEtUVDw9OeACpjKTuHuNWUHyqVB5EJ48NTsDLqh20Cac4x8xQ5CFN2-rjvJUNh2AEM93gdjzEZzinb5OY0fbaBpLF2d-3vPj5wfIyUAcBPKoMXVFzHSvm3UPamp6fv8cwRnOewg-5hJI3KP2hHiFHNs1qToOJvJriSdMYW0z6CkE7Pdu9Aup73i0F0NwaKFjl-V2VSTXslWwA7LeI6xg0f2qQPRkE06Oe_bzhLX_jlJTU_u7SzzVtQEscUtpYCy4cNNTlPXNkXvizi7qaUNV3LmqFYrGuIwK_0xOsioCHOj44bKC2cEgLTjlU1fbXx9ZhtfTNw2XYw--vN3ABvZZ16Mlgz9DPx7himh1xFdMXMPf0g3F3cUHRqkfrr8VKp07OsBm05Z560lNq86q8a1FvyN01iYPVdwT4uVBs4aTuVRdEBZp8574lPzW5T9y7LpveWY6VPw&sai=AMfl-YTsZmt8fqhzoUpenZQBuIv1KjXxMSmdfCnUnJTmBKjYXgGPwocCcNiaHdm4_FeAxZhhNadO2B6Q7H2N2-wqSdWiI06R_Z2TtNBtuoqOAdZBJs4TZg24ihe_VHy3XzxUrOUAMdnZY6tGiGUYu6Gkbs00yPEyb_nKQVy0z4PU4OOe0hE3cQP5wKjlimIMfuvSBur1Mlg6Z3Rzm7qNmrD6tnKtqxP-x-V_5O6Qjh_YZ8v9FkCkeL8FtfF2qHDCOFjjqKYxGlST1FFNZvfO038rkRO332ESZxZDpGL-7t03m455E5xCKyEFOJ-KZ6t7_uXIwl0TuF0fA7Kc1Xjh1efWV8uop5aE3LZ5ggVZwvbCDnm1FAI3IIznsGI7QGrKNj76Jvq2Uq-pRIK2-_JvymFsBHPbOaYXX-xM1taTXPXm3NDYtgvIWvUNN0Ov5XJhGXBoWQlbgAUoTcldNytY5xUN-Ml-12Rg_f-HpwDqbp77&sig=Cg0ArKJSzFgh88TuuPyQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=597&vt=11&dtpt=530&dett=3&cstd=65&cisv=r20231017.55979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: controle.diariodocentrodomundo.com.br
URL: https://controle.diariodocentrodomundo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 67b27dbdf7ad3495a3699b06713aebe9.jpg
s0.2mdn.net/sadbundle/10683947489417618049/media/ Frame 5B23 27 KB
27 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/media/67b27dbdf7ad3495a3699b06713aebe9.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730a396aa5c910230ab2615409f4f8d8a18326d0941db61fa71e1335b1bb8240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 03:39:51 GMT
x-content-type-options: nosniff
age: 157307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27747
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 03:39:51 GMT

GET
H3 200 ad6a7273eae3b4955a000d50bc91579b.png
s0.2mdn.net/sadbundle/10683947489417618049/media/ Frame 5B23 7 KB
7 KB 28ms
27ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10683947489417618049/media/ad6a7273eae3b4955a000d50bc91579b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3786a9c325ff55f9e24edd960578f8e76a34c3fd67a6763520d81bb28b82329d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10683947489417618049/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:59:14 GMT
x-content-type-options: nosniff
age: 296544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7637
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:17:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Oct 2024 12:59:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDD5 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BP_QlgAszZf-bNdSox_AP49qC0A4AAAAAOAHgBAI&bg=!h4SlhMvNAAY5nEQaGZw7ADQBe5WfONy2MgY2quWf6URSfSqJjrnwWk-8eJWdQMAs9B38mZlDJGOqKLguGGvWvL_dAAulAgAAAHlSAAAAA2gBB5kDG3pl2Jg5RQ8GfSpsiH686IFV_Sqy8xwcyW97x4MB018VZPeUKK7sYwn2U4kAE68dTX0F8Pc6Ngqx8skMch-NqmKV37fSxUV_7Awt2QnajSD13BmeZnQGI6Kw3RzUpJ9MN6cnzJCiR05pCwydZC9cEfT6PiIrnJrtnsM0VGZg2RhpkF-f4tGV18qIy-8pF201kw59E62JC7hPJQVKZGEvUR1aKFVRJXMkKm2j85TGdic9BwxtwLGLrClM641kCgQajz7saCxufKpyZ9Yg7eYyNGLTSeQBeo-ybBzcCOaGdfF4lfVAzCG9rfO9zcafvgyEtIsO0sKI43-bmhqxvaS2VYwCJJaUoQBBAjueW8ELq7IrOysX8qgpvazfjkPjAFMvi_EIIZ7BkoppPqogez7eYrhsxZhbqug6xbAYtxcsk05X-zl8fD2ZnIwrcgzvPKUthzip1itLeO47_62ADGTlq8HFACi9djK886yjCMvbNJizo8PWdU7neTlS2cW-vdDhjnl9RgyxnDbXLEbDA5qDEkdr8usQltRwaz8tpmxVgR_CRQb8EWBF6J7CWnl_UOoXxzRa1bQZSPEwmXS0wP_wbFf62qmPDc9-DbBBl4tmBAeUEHP_5zLKlSHAj_Xg5Dpm9VnWWjsxYFmVij1Kg0TRZBdwyMc9HBflrb-G1BER1umI7eEMmI06NEDggr-Ba9KvaHxhQZ_RQokNEEPzcUsFrzoFXgyjPhOYyEoMg9yzZDdoBlHQrHwjJ796K60d7GeZGU4zgCbKH8X9Aa_WqMTv_kaSnHeqn3cEqqcrdRExA-u_hqoSxMh6UTt9TJ4_x3-gtV41zOtAmQ-SFuj58bAdXBYhoeyjqFm3qXRURPR4iYxQGYTVsXMPPv9QPmplgr81peqpNwjGEPCPMm3Hl690hubuPtJVqDWUyCF9_cQNE1GbboQiLcCe1lLYWVmB8ny4JADJh1ySfMFf7aNb11mFF8Y0eVdKEOQUd2PJugKxqpElScCJ9pcC2jTbOnh5A_B3KpZov02jrUUXTfaYdLPIURWyjVFSiau9YFNwVw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B2 0
20 B 64ms
62ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1014988785280&version=m202309260101&ct=77&x=1&cor=291390578648600770

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 165ms
138ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=___de_1697844097883_3648182148&tJ=&tU=0100007F810B3365E706502502888015&tX=b.52&tY=1&tZ=781525822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=1995642666070047&bg=!d3SldDvNAAbDUgby41I7ADQBe5WfODtQwgErEOecdK2ZzklsSrj8OUR6iG83xuTwAFXITAM15JsO62B1phKQra5hBiVrAgAAAb1SAAAABGgBB5kCyai9XSYvJx8wvD8UALpXsaL42tSebAwMP0NQ2NA0yF1n34s0QfH2jW-GgwByn_8uvBqk8DRPHWUvtxipH6X7kDdf3SgqhVoOYvZO2BJ4hJWWEYHrWtGB5Z2DH5q6oLpJz-FhZE_QWCAjP5W9dnrehgbSYjewZHKJvL2K-v0lZWPVCxxhCri1lF32mnABBmgGSBORlozomwvrGtt_wOW6Lp7qdsxakPNCAVPGRqa34uGI5xfVevrlsXPyrQDl1lwmZVRxfnu9vC6AaO4icR2bzk3AbmMuG7p_rQoxvYtlS6tkhCP8my40V_D0V5D5CPcyuj5bOq9v5qsiFvpU2RTc_mG7BA5Zx8e862S0tZJNPHkRrRfd6kVg_wtSXSmGFgnEHgK7BnDF97m56i7gLMjaiprM7U0xBUk1iSUIWA6R5sxyMxfqUEEV1rSlQDcmGz4lcez7P7peGzMod895EsXcX72hVetiMjbdg_rfvMRQhmAHV60dx0TDPmpZVd7fZYs98E9wBWKB1Ffr9w99SbOqrmyZMfo6BV5xBv6DTfZChhiHdY0kLypRJU2okhxamEZca6S4ss9rJfdJ-WWVkOpT7DV1ragRBe0UpdU8qkmPfMIGeHhgF4WgnbsN1g9nZ6C0zh_M2mYs7tUai-wJ4hxsNS-F4SzDfL4jKBLN51_e14eoWgNTJl0d1yDpZiq9ndyXnabuJji2NvbPTwcPG4NRiCYxwRuZbzo_hE06KT0pGtLhQVB4TH9m4KniKnguHCTE64gvYJIM1x_uCJc9CDUt7ZAhlzqMucazDhBbwra9-2NbEBQ2Ccr9f0t4gugEMf1eDBEM2uMwlR_aXy01yw56_-EUg3EG6QHfpXBBKsfawccxkCRrcBow7Vs7t0j1Pwxvwn7OiywFH3wH2yU0Dsk4sDF9hwTgrxH3TNePvMhU6rYfOmnYSR3UCbuZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://controle.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C5ED 42 B
64 B 69ms
68ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuZFry8_7Iw2Foyjs8DIZnkVkeFeWM3HZdMdHe4enQDXralkjCnVA7wSzWaz6Jw5dkjQjK1Wx_7_rjsExPTaQWvM3R0CpWvmViDsFxVvofjBER4ZHL76Rl4wIk1DTELvfofMfzr8p2Nc2p&sai=AMfl-YSptljjOR99z56u0fmmtrv1MYRIPsStgDUSO-UNJzEXr0XaIVZw16Av6WWJ2ZDPE7T5T0RypUtRnUlwoOxIi68XeJBVtWNepxKn_LnwZWcPB1iZRt0d7q-B76aC4sLKKOW8XwU6GLMveOnc&sig=Cg0ArKJSzObQCSgJOa37EAE&cid=CAQSSwDICaaNp9wu4SH9OYs1Qy5f6bQNT86Ga_F7D84VYZPXTkp9qhSVsdwGwdLstb7_wmLhr_NhR8Uow3WUAOTRb-Dea61hB3ES164P2RgB&id=lidar2&mcvt=1000&p=850,1292,1100,1592&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1564916552&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697844097272&rpt=319&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
396 B 118ms
39ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&domain=controle.diariodocentrodomundo.com.br&cw=1&lsw=1

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 183535
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 142ms
42ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcontrole.diariodocentrodomundo.com.br%2F&domain=controle.diariodocentrodomundo.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://controle.diariodocentrodomundo.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://controle.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 20 Oct 2023 23:21:38 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 228680
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D08A 52 KB
17 KB 160ms
38ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Oct 2023 23:21:38 GMT
ETag: "623de86a-cf34"
Expires: Sat, 21 Oct 2023 23:21:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 59E5 52 KB
17 KB 163ms
38ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Oct 2023 23:21:38 GMT
ETag: "623de86a-cf34"
Expires: Sat, 21 Oct 2023 23:21:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 204 /
onetag-sys.com/usync/ Frame 2D03 0
0 42ms
40ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1697844095567

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3F57 281 B
554 B 152ms
38ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 23:21:38 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 9717 6 KB
2 KB 67ms
58ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b

Request headers

Referer: https://controle.diariodocentrodomundo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8194ff911c16bb8c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:38 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3F57 41 KB
11 KB 48ms
43ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 23:21:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Oct 2023 12:49:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48432
Connection: keep-alive
Content-Length: 11097
Expires: Sat, 21 Oct 2023 12:48:50 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 9717 48 KB
12 KB 49ms
40ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 23:21:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 662414
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8194ff923d05bb8c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame D08A 0
597 B 39ms
38ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
an-x-request-uuid: 26d4811e-bd82-4ce6-9570-895dad0a0dec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 59E5 0
597 B 39ms
38ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:38 GMT
an-x-request-uuid: 459d87f1-04d1-4f9a-bb35-a824273eeb28
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3F57 7 B
380 B 151ms
34ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame E784 0
321 B 49ms
48ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8194ff929d46bb8c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:38 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 1FB1 0
0 36ms
36ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame A4A9 0
0 420ms
44ms Document
text/plain 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Fri, 20 Oct 2023 23:21:39 GMT
X-Sovrn-Pod: ad_ap5ams1

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame E6DC
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

95 B
236 B

45ms
44ms

Document
image/png

167.235.114.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.114.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.114.235.167.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Fri, 20 Oct 2023 23:21:28 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-powered-by: PHP/8.2.4

Redirect headers

content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:28 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server: nginx
x-powered-by: PHP/8.2.4

GET
H2

200

RX-0441b874-5190-4856-9a1c-f22c1c229b86-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 5343
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697844099242
https://ad.turn.com/r/cs?pid=45&rndcb=7579829842
https://sync.1rx.io/usersync/turn/3854831900112456153?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-0441b874-5190-4856-9a1c-f22...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003

0
708 B

59ms
58ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8194ff97d971bb8c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:39 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Fri, 20 Oct 2023 23:21:39 GMT
etag: RX0441b874519048569a1cf22c1c229b86003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0441b874-5190-4856-9a1c-f22c1c229b86-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

9f3c04dd-ed34-5226-979f-d44df2acdfce Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame FBD4
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7060205663746123815
https://csync.smilewanted.com/set_partner_userid_get/betweenx/9f3c04dd-ed34-5226-979f-d44df2acdfce

0
429 B

60ms
60ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9f3c04dd-ed34-5226-979f-d44df2acdfce
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8194ff9758ecbb8c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:39 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/9f3c04dd-ed34-5226-979f-d44df2acdfce

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame E060 0
0 392ms
134ms Document
text/plain 8.2.108.175
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Fri, 20 Oct 2023 23:21:39 GMT
Server: nginx

GET
H2 200 cookie Show response
cm.adform.net/ Frame B1B3 43 B
106 B 150ms
44ms Document
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Fri, 20 Oct 2023 23:21:39 GMT
server: nginx

GET
H2

200

sync Show response
x.bidswitch.net/ Frame F6D3
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=14935f16-5647-41...
https://x.bidswitch.net/sync?ssp=criteo&custom_data=-3zeUV9vZDZQZmZwS1dMOFd4TU81aHBOZ0NsTDVUNlJQVHlBaERPSDVlaEVveE53dFZ3V2JMbjVWaFhRaHhhTkZlSmIxMkUzeTRja0xYclB5NGtTR2taTVE5UTRTYTNsbFo5Z2E5ekJUd0toN...
https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=-3zeUV9vZDZQZmZwS1dMOFd4TU81aHBOZ0NsTDVUNlJQVHlBaERPSDVlaEVveE53dFZ3V2JMbjVWaFhRaHhhTkZlSmIxMkUzeTRja0xYclB5NGtTR2taTVE5UTRTYTNsbFo5Z2E5ekJ...
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=9d242d4d-2bb3-4e7e-b003-36bab045c692&gdpr=&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=9d242d4d-2bb3-4e7e-b003-36bab045c692&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2c301c4b-5494-4b8f-bd14-9f493f978116&ssp=criteo

43 B
145 B

35ms
35ms

Document
image/gif

3.65.170.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2c301c4b-5494-4b8f-bd14-9f493f978116&ssp=criteo
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.170.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-170-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 20 Oct 2023 23:21:40 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 20 Oct 2023 23:21:40 GMT
Location: //x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2c301c4b-5494-4b8f-bd14-9f493f978116&ssp=criteo

GET
H2

200

c33a802290cbae4028c818a5bdb7b1b Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 9B09
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c33a802290cbae4028c818a5bdb7b1b?gdpr_consent=&gdpr=0

0
411 B

75ms
74ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c33a802290cbae4028c818a5bdb7b1b?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8194ff968856bb8c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 23:21:39 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 20 Oct 2023 23:21:39 GMT
Expires: Fri, 20 Oct 2023 23:21:39 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c33a802290cbae4028c818a5bdb7b1b?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1697844099385067-420

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 0C53 0
0 179ms
47ms Document
text/plain 3.69.215.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.215.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-215-73.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Fri, 20 Oct 2023 23:21:39 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame D08A 0
597 B 55ms
55ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:39 GMT
an-x-request-uuid: 664fb7d0-0696-45b1-8172-111f3a12d4a9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 59E5 0
597 B 57ms
57ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 23:21:39 GMT
an-x-request-uuid: fb03bb02-45a5-4303-ad64-0988e7c996b4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.132; 217.114.215.132; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 5 KB
3 KB 30ms
29ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/685625985474656849/0717242f3acd4935e3ae22056ad67479.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Oct 2024 22:01:17 GMT

GET
H3 200 94b8e4ecff73b8a16c70e2331be84df9.png
s0.2mdn.net/sadbundle/685625985474656849/media/ Frame 6BD0 4 KB
4 KB 30ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/media/94b8e4ecff73b8a16c70e2331be84df9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 05:07:17 GMT
x-content-type-options: nosniff
age: 152063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3688
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 05:07:17 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/685625985474656849/fonts/ Frame 6BD0 172 KB
75 KB 29ms
28ms Font
font/ttf 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/685625985474656849/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/685625985474656849/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 14:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 12:31:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 14:59:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.5c

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589497247_v2_900x506-jpg-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp

Domain: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp

Domain: news.google.com
URL: https://news.google.com/swg/_/api/v1/publication/CAowx6PTAQ/article

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIAEiwiLXTzi2-ZupoR-sCw&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.controle.diariodocentrodomundo.com.br/	1969-12-31 23:59:59	Name: serverdoID Value: llpmg3essrk8kr06d9a239pj06
.onesignal.com/	1970-01-20 15:37:25	Name: __cf_bm Value: DI_yei675nF5E0bMXmjPSjY9iHFTw1wkZy4bVmBITIA-1697844094-0-AYW6VMb2bzJS2wn74o/e2VnOj6KtUKHJmb3aIHTR7AQKgf1xth8sMs8I2eAKXJmclsuL+x1/vojyycLYIsk4ans=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: rMGNgCgxDd4
.youtube.com/	1970-01-20 19:56:36	Name: VISITOR_INFO1_LIVE Value: HeZxlyZTW18
.diariodocentrodomundo.com.br/	1970-01-20 17:47:00	Name: _fbp Value: fb.2.1697844094658.43356487
.diariodocentrodomundo.com.br/	1970-01-20 15:38:50	Name: _gid Value: GA1.3.117015083.1697844095
.diariodocentrodomundo.com.br/	1970-01-20 15:37:24	Name: _gat_gtag_UA_33507983_1 Value: 1
.diariodocentrodomundo.com.br/	1970-01-20 15:37:24	Name: _gat_gtag_UA_175164381_48 Value: 1
.diariodocentrodomundo.com.br/	1970-01-21 01:13:24	Name: _ga_1B73ZLD4M4 Value: GS1.1.1697844094.1.0.1697844094.0.0.0
.diariodocentrodomundo.com.br/	1970-01-21 01:13:24	Name: _ga Value: GA1.1.9135856.1697844095
.rubiconproject.com/	1970-01-21 00:23:00	Name: khaos Value: LNZ8JCFZ-W-C9KH
.rubiconproject.com/	1970-01-21 00:23:00	Name: audit Value: 1\|yQuirGeEF6AOT1ighAj6D8zzH/SUMvpGs1wMD2ZZQDIKdoywSGEkcEvS5LapRNFbhWVQ4wfOpuOfnx/63/qfXL1CxbbD0cVyP2KYlAhr2gHYKUE+IBgSZe2C6yAnh5iM1puu6LoX8NQijy0RC4Zd8RuybVyVU0yt
.diariodocentrodomundo.com.br/	1970-01-21 01:13:24	Name: _ga_0GMVBG1EJ0 Value: GS1.1.1697844095.1.0.1697844095.0.0.0
.doubleclick.net/	1970-01-21 00:59:00	Name: IDE Value: AHWqTUle1gXouXpdlPTGrIS4iA4YQoUB0_xsCT0aEjpt7Ps6-vThdZJivH_faBhm
.adnxs.com/	1970-01-20 17:47:00	Name: uuid2 Value: 8819523566971276041
.casalemedia.com/	1970-01-21 00:23:00	Name: CMID Value: ZTMLf903l4bfY5Ld9GQndgAA
.casalemedia.com/	1970-01-20 17:47:00	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-20 17:47:00	Name: CMPRO Value: 5149
.doubleclick.net/	1970-01-20 19:56:36	Name: APC Value: AfxxVi6WOO3kYnvrZWwxIKhqYkmsbczg6TStRKCxdQ1szr-UH-natw
.adnxs.com/	1970-01-20 17:47:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IllrBX7R!]tbPl1M>e)ZlrFUfJ+tGXxpS9%zoqINm>z_FugJT*jkpLx46/X^YWEF6+@33If)y3KL9D3I?+>_8-RF
.doubleclick.net/	1970-01-20 15:37:27	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 17:47:00	Name: 8lcfmzhxc8d6_uid Value: 39910d637880069a
.awin1.com/	1970-01-20 15:47:28	Name: awpv11601 Value: 113440\|1697844096\|6a2273b0-6f9f-11ee-b483-223780762ed7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 01:13:24	Name: source Value: {"webgains_webgains":{"timestamp":1697844096799,"clickCookie":false}}
controle.diariodocentrodomundo.com.br/	1970-01-20 15:37:25	Name: tt_c_vmt Value: 1697844097
controle.diariodocentrodomundo.com.br/	1970-01-20 15:37:25	Name: tt_c_c Value: direct
controle.diariodocentrodomundo.com.br/	1970-01-20 15:37:25	Name: tt_c_s Value: direct
controle.diariodocentrodomundo.com.br/	1970-01-20 15:37:25	Name: tt_c_m Value: direct
controle.diariodocentrodomundo.com.br/	1970-01-21 01:13:24	Name: _ttuu.s Value: 1697844097310
.doubleclick.net/	1970-01-20 15:37:24	Name: test_cookie Value: CheckForPermission
.t.tailtarget.com/	1970-01-21 00:23:00	Name: u Value: fwAAAWUzC4ElUAbnFYCIAgB=
.t.tailtarget.com/	1970-01-20 15:40:16	Name: _ssc Value: y
.diariodocentrodomundo.com.br/	1970-01-21 00:59:00	Name: __gads Value: ID=4b219d2b3de9b644:T=1697844095:RT=1697844095:S=ALNI_MZivMqRwoS_SFc-Kvzf1OaaNWqpMw
.diariodocentrodomundo.com.br/	1970-01-21 00:59:00	Name: __gpi Value: UID=00000c9e8b1b0976:T=1697844095:RT=1697844095:S=ALNI_MZhHmr86B4LJMDobdtXH3Z9gFJ4ew
controle.diariodocentrodomundo.com.br/	1970-01-21 00:23:00	Name: tt.u Value: 0100007F810B3365E706502502888015
.t.tailtarget.com/	1970-01-20 16:20:36	Name: ttbprf Value: ___de_1697844097883_3648182148
.t.tailtarget.com/	1970-01-20 15:37:25	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 16:20:36	Name: ttnprf Value:
controle.diariodocentrodomundo.com.br/	1970-01-20 15:38:50	Name: tt.nprf Value:
.tt-11382-4.seg.t.tailtarget.com/	1970-01-20 15:37:27	Name: ttca Value: _1697844098
.controle.diariodocentrodomundo.com.br/	1970-01-20 15:37:27	Name: _ttdmp Value: \|LS:
.t.tailtarget.com/	1970-01-20 16:20:36	Name: n Value: 1697844098
.turn.com/	1970-01-20 19:56:36	Name: uid Value: 3854831900112456153
.1rx.io/	1970-01-21 00:23:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0441b874-5190-4856-9a1c-f22c1c229b86-003%22%2C%22nxtrdr%22%3Afalse%7D
.ads.stickyadstv.com/	1970-01-20 16:20:36	Name: UID Value: c33a802290cbae4028c818a5bdb7b1b
.criteo.com/	1970-01-21 00:59:00	Name: uid Value: 14935f16-5647-4149-8abf-2cd0e78e872b
.betweendigital.com/	1970-01-21 00:23:00	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 00:23:00	Name: tuuid Value: 9f3c04dd-ed34-5226-979f-d44df2acdfce
.betweendigital.com/	1970-01-21 00:23:00	Name: ss Value: 1
.betweendigital.com/	1970-01-21 00:23:00	Name: ut Value: ZTMLgwAKh1CZH-yO73Jhox3fO4GLMtgunOi40g==
.targeting.unrulymedia.com/	1970-01-21 00:23:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0441b874-5190-4856-9a1c-f22c1c229b86-003%22%7D
.bidswitch.net/	1970-01-21 00:23:00	Name: tuuid Value: 9d242d4d-2bb3-4e7e-b003-36bab045c692
.bidswitch.net/	1970-01-21 00:23:00	Name: c Value: 1697844099
.bidswitch.net/	1970-01-21 00:23:00	Name: tuuid_lu Value: 1697844099
.smilewanted.com/	1970-01-21 00:23:21	Name: sw_user_params_infos Value: xVm5Mc3B%2BV1BZd8C9owJeLcdTOhs%2Brp3q5C2koxqfj7Kmg3%2FA7M7ZLS97C4QlDlHxu1l3RWnRf0YspF7%2FXzsWLVopILZrGwDlRqKHBfJY6tkLqRFHAyORmJ5oyoWoCqkos6sr9bekvYwO114E4nUypPIeIPWEMC3Zpux2eLZyeM%2FXjDEPQefKPrd8D2XU9CypuPvxvj%2F7ejOKy%2F0IaitO%2FZzLq37OYZVEGB%2Bpw56ut14ueCf%2F0nY8C3dqFMbv2KgT94aDQpMvko1lRVCmaWDcE24I157spkMWeatgPgmaCCxJrWDZUMe6dDZFRRsD27YCqhAjcdbR12LXzXD0FHojAn%2FICUSlSzgwm6lcUyT2Gg%3D
.bidswitch.net/	1970-01-20 15:37:24	Name: custom_data Value: -3zeUV9vZDZQZmZwS1dMOFd4TU81aHBOZ0NsTDVUNlJQVHlBaERPSDVlaEVveE53dFZ3V2JMbjVWaFhRaHhhTkZlSmIxMkUzeTRja0xYclB5NGtTR2taTVE5UTRTYTNsbFo5Z2E5ekJUd0toN0hzNVQlMkZLSXZpJTJGeHpteTJnRkszaUZCY2lFREJKJTJCVmlHc1VNbDdiJTJCcUhSUFQxVlR0ZEZtS2pRMm54Y2lYMllhbDF0MXI3cUs4T1BTYmI5cFZwSWZLdGxRcw
.mfadsrvr.com/	1970-01-21 01:13:24	Name: tuuid Value: 2c301c4b-5494-4b8f-bd14-9f493f978116
.mfadsrvr.com/	1970-01-21 01:13:24	Name: c Value: 1697844100
.mfadsrvr.com/	1970-01-21 01:13:24	Name: tuuid_lu Value: 1697844100
.mfadsrvr.com/	1970-01-21 01:13:24	Name: ssh Value: !bidswitch,1697844100

56 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.5c Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tagreuters-com2023binary_lynxmpej8k00d-filedimage-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/03/stuckert-lula-reproducao-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://controle.diariodocentrodomundo.com.br/(Line 648) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/renato-mariano-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/abin-pf-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/israel1-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/giorgia_meloni_lascia_andrea_giambruno_jpg_1600x900_crop_q85-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/exuteama-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/record_rachel-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/marilia-gabriela-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/169772543965313bff41412_1697725439_3x2_lg-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/golpe-do-tinder-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/tarcisio-de-freitas-7-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/amanda-pichada-600x400.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/zonshine-e-bolsonaro-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-8-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1910-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/dcm-ao-meio-dia-7-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1810-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/104734706-ri-rio-de-janeiro-19-09-2023-oito-das-21-metralhadoras-do-exercito-que-foram-furtada-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ocinpasnca-600x400.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/1697806296653277d80f821_1697806296_3x2_md-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/45465_1697616623-600x400.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/shireen-abu-akleh-morte-al-jazeera-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/screenshot-2023-10-14-at-20-07-56-600x400.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/foto_destaque-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/karoleller001-jpeg-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/npc_1-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/idoso-18-600x400-1.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/o-que-larissa-lewis-poderiam-ensinar-neymar-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/al-quds-hospital-gaza-20102023153400647-600x400.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/120623-o-presidente-lula-e-a-presidente-da-comissao-europeia-ursula-von-der-leyen-em-encontro-no-palacio-do-planalto-1686589497247_v2_900x506-jpg-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/netanyahu-600x400.jpeg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/20231020145446437983a-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/08/friboi-canada-carnes-premium-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/07/bndes-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/mtst-protesto-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/essencial_1310-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/ailton-krenak-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-2-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/essencial-dcm-1-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/rebeca-ouro-600x400.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/10/25424663-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/assessora-anielle-sao-paulo-flamengo-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/09/copadobrasil-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2023/05/capa-relatorios-moro-comprovam-participacao-fbi-lava-jato-600x400.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/2019-02-11t102037z-1921740306-rc1da6acd270-rtrmadp-3-iran-revolution-anniversary-rally-tasnim-news-agency-reuters-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.diariodocentrodomundo.com.br/wp-content/uploads/2022/11/richarlison-563580-600x400.webp Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security	warning	URL: https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cdn.ampproject.org/amp-story-player-v0.js?ver=v0(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://controle.diariodocentrodomundo.com.br/ Message: Access to fetch at 'https://news.google.com/swg/_/api/v1/publication/CAowx6PTAQ/article' from origin 'https://controle.diariodocentrodomundo.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://news.google.com/swg/_/api/v1/publication/CAowx6PTAQ/article Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIAEiwiLXTzi2-ZupoR-sCw&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

367ab072a004c6a43d8f9664983efbde.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.teads.tv
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
at.teads.tv
b.t.tailtarget.com
cdn.ampproject.org
cdn.onesignal.com
cdn.track.production.webgains.team
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
controle.diariodocentrodomundo.com.br
csync.smilewanted.com
d.tailtarget.com
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900011.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
jnn-pa.googleapis.com
match.sharethrough.com
news.google.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
prebid-us.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pv.medialead.de
region1.google-analytics.com
rtb.mfadsrvr.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssp-sync.criteo.com
static.doubleclick.net
static.smilewanted.com
stats.g.doubleclick.net
sync.1rx.io
sync.richaudience.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.tailtarget.com
t.teads.tv
tags.denakop.com
tags.juicebarads.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
tt-11382-4.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
www.awin1.com
www.diariodocentrodomundo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
news.google.com
sync.search.spotxchange.com
www.diariodocentrodomundo.com.br
104.18.27.193
13.42.246.66
138.201.63.164
138.201.64.38
142.250.184.198
145.239.193.130
167.235.114.248
172.217.16.194
172.217.18.98
172.67.10.198
178.250.1.9
18.169.68.239
18.192.43.30
18.66.147.120
184.30.16.183
185.184.10.30
185.86.139.59
188.42.191.196
190.89.238.88
190.89.239.238
2.16.238.19
2.18.161.51
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.52.2.48
23.212.218.19
23.32.185.35
23.35.229.251
2602:803:c003:200::61
2606:4700::6812:160e
2606:4700::6812:d73b
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9a
2a02:2638:3::6
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
2a0b:4d07:102::1
3.65.170.64
3.69.215.73
3.71.149.231
34.102.185.99
35.201.123.184
35.244.159.8
37.157.4.28
37.252.171.149
46.228.174.117
51.89.9.251
69.173.144.138
8.2.108.175
95.101.149.35
99.86.4.53
002c29a005b685baa52e5ff0819c59fb3cfa8915f38c648615302bfb09b93b09
015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
02dbd52e663d638a7190eba7acd734ea222096dea2939c335edce9e3ce140d72
048d9ddb2fec6b4debb3dcee23fb84252ad4c0a0e0fa443d652ef7879f07f0ca
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
06ef2830fb689dd07be27aa26233460f37071d0edede6c57191d0b6f6ca0a496
08178dec32780008ceff46cadfc784e17fc7d07570a9f5e7c4f334aa29e66570
08756c47213d461baa3b01f42448a76d11f524470c7a34f9018733889bd4f49c
09d6a1f19c12d9d259da56a23d3e4a916e9271fc94dccc76283faff9d41d88ac
0a9baaa810bce026c3eebe92d3e06dd30ce107f8acbd02edc127433f03f619d3
0ae3e3aaec4b8b1d5e14faa56ffb092cc37e9d5d430f04137e0446c7eca6831c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b95d7fc1c40bd2346dd06b10d62a582fc1e3c334135efcc17ae4400ee5b4678
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
12361e37780b64baaf947147ddcb46d7377e0c2f1d17a3751d3b7dfd878bdabf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1378a98d9f8a65ca651ebf805935ecd6ce3cbc433b9ea4ea9feea97487d42d90
13e66b6fa2fc157f6883f7eca9b1e59c460b3a1fd11e90daa01a3127af161d53
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1a1b951ecca23d6e0e1a16cc2f98df705c8b8e213a960baf84f78bcd3114f843
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
202b69df205eb7c43dc61c090c6399f7cc300335f362d90744593d98a1e3498a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
26218cb3014fd037f084f500adf0a20fd3d8f47fc1c05a3b911d54dbdb869aa7
26f4321080cbb76b73cf32a7a07f07d7043703055fd88f86f7153f38bb5e8ab7
2706e6221a4318c1f6619b2f12a91ef0ef1a1e35ed4fc80c712bad4150dd65af
27d2fa812fb99bf6f044e7c9cb32d5816237ca7866b1aaab76634e7da375ae88
2baed425dd0f5479f5a6b0d55d4d485466c3550b7ce4ee546ac8bdad1ed156cc
2c0fb52a345fb6edc28ecf375d99ce417c45f70c7052f4934763933bf4c974eb
2d72f2f8c0dbaa53d7cbcef1e314514f8d40fe231ca04a7726cb7c70f1124b0d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2fcd2d5345742ca74d01b6c75ed42853d2cc9e2beab67d80825c9f4887df8516
3094d7de8a2a2bb99eef715f100745059802df8d1b85cfc15bea8680227ff0f6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3232bd62b151a9a3bc340aaaeb0786340f4acf64acc0403c5f646bea437308fe
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf
3786a9c325ff55f9e24edd960578f8e76a34c3fd67a6763520d81bb28b82329d
3787388fca17351a123c52a64c158526bedd034f6454740d4051b3f38a2f4e0e
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3926365716d32636fc97fafc20ab7bc4bb53c3391076ce17fe9367ec0e0ae777
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a46751cc60c55c068435c9799b842708c649ab9be7f6927ee908f6da44f93
40b0a6be42af90a7fb8c962e05f445731656fcb9496b5f0ceeeb49606775d38f
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
428669244dc25878dc92d727b1caef42384c54305988196073497ec7b082ec53
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c0740c9a5980492d28922f3ef96c7a0fab1fd229fd02fe6ee7cc36cfa81d8c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d60785fbe6224b14b175bbfdd66dba285ecf8a450e2d9a1caf70a96d81c0dd4
4dc499b26f68e4b89e16f0d8b28f43fc7b7e7fd9b92e067558af0491e41543c4
4dfd6dba6688605c98bc2a7b75895f83f13d0fea3384613001a845cdde222c62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521457922129a04fbc4524021ac47021659a1e1931c5dfe1a0e13be5dcaaefba
5216a322dfa08421ebd4f0babbc897fec99c1f7986160d186ea1a5f05a54524f
5235b988a6645ae51438321d31116c73a5cf77ac55872fec21b8a010b2bce676
52389d001078a8434fb5aef3beb0c7d15e903689e9a03c3ff35eae852cb42fc9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e737d40b9f3f5a5ee5d0e9d12c87dbe40bfbb4577d133afc28d887259ed918
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
57cdbb0a6b271d86d09ed5249d68f79c89d5a6374617d3638bd0cb5805002eb4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9d134193748f7d24ad60dfceb6f760fc994a4d0630b541d14ea2411e20789e
5dca04c94ca9ce00ac27f8035781270aaefe1a48597cf9dc3cc0cd71845b254b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b
64756c19bee5e8d01058b314e7d783f74489b1c667f8db67010d05cca73a8bce
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
67786c69cef6b361e5480d29eae387c463c5208fce12203953c23122371c10ce
67b27d97ce1d287bd6b2fa55e6e5ce400e37444754afb6746e0f17a45643d024
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
6ee5c9e9f3ff16052b3ccd7ba71c89dc87f5364b8135ff8c604bd7be650cad62
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
71c7f8038f75b230b714c7ad28ae8ef1b2b1deace85e39b8abdf484a85de8dd4
730a396aa5c910230ab2615409f4f8d8a18326d0941db61fa71e1335b1bb8240
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74e77fe8f0569d056bff926b617a05cd49096105b204974f7f3e3e29a4387004
79a0921b50081da5c22158e4db8951b89ad58f15376361ee088a8b7e320bda45
7a56bcc6c88f8ea1cff6038a12d43cabbd2b2c7110ba65b1c70eaba9810339c2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83580e8f0861084db39e70791515e4df9870cfa209281a8ae9349480c5e0a7e5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
85a18f3ffd02241732a080bbec99aa38434062f48195e841ab52b6150ee53bab
87a699bdbce507d8254a346a608dcb17a7257c04d5e5009303f7d7b6356f403a
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
925af85c767a5f924eaa2f39a50ebeac3957791ca9860c4f025d356604c11ff6
934ae5f5f7098e352b9234af02536e15fdf15465695230d5ecdee84a09f36a12
945781cb81e583f87424ba0f9e947942b36c1b70ec5ca0cdbf133d7ab0f60ed4
952602edcfc95b77e6ee3aeacba2189bbae39d09673c7cc52bca2bdd70697828
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e9f114b577f1eef812afa6b1dacbef2ed4088ad2ad705305c3ff27987ff0e3
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
9a827819f3bcf60c50acfc3f10a8fd45bd029dd9c6d1ed876ee18b414f78e281
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c450f299585c47abe1acfd7a1d6ceddd1614b6670005a5bf45aae1135b3661e
9d1b649bacba7f53095d874438328c45a0d568142cd42715f2aeb0c4cedb41c6
9f97a1208bfbed36adde1345a778e2ddd3b5267b96fcb85abb1e4b3e7d261bbe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1c9908f072a74d69147eac3ee64455290bd6825448785c4c6a669321ca234d6
a4bbfd08bfee535925b22f07083828c3e7f2713dd217723ccf245855c816cae5
a609604e115bdb416bb719acef9d33a6aae34f2b84773ea21b77b77bc412e17e
a64fb91991a6307daf89f344218507653cd14e4ca2e746e7c92c46f9e5f16bbb
ac63b4552bdf253714da1c00ea927ea09d4d84cf7687ea1b1cfb3685405774b0
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae6785b144aa75b0dfccba86b3f52f804b4d8c2ba3a01bca28fbc69ca286ec29
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d43cac7a53146ce3eaf2626b1d3495079b1a2d40241cd5badf0843d6a10277
b5e98a07cf259dab27425ba4955f304c780f9ba143bf6f49299db4e426b91361
be54ae5622032190074e9e9cec319c271b61e167e748f5a4f4a304f2ef076276
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292
c09fbb1f1381cc674ed6b74acd5105650e48a7a1fea516ba565dcd0da2d6c0e1
c0cf859681c6d2bc6c8329066a7639ec52932f654e43a161b4a7af96fc7237ae
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c36ce5a76d55685349b01392b4bd0d6498ae8aa10ab3faa101c12abd6032a57f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c710fc3285d3e2038d27dafe77e59956ecb61a69f18d28c0957eabd9b4abdd88
c7bb958205aa3e2395e8ef5443b24f95d27884dbd0603dd6faaf4970e6b4201f
c7f24581886a29315322852f5c1209364bd0487420c70b789401aa40305402df
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca6f07ec1368dbc869318144688deac0eca76f09553a468c942c2d9a227ca4f5
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
d2b62fdeda07eb6006a6c2cd6ca5c103f7eabb0d28409ef2d2609f4d5898029f
d42d9e8a5975207cb02aae556e0403d885ec3e05da4ef170c07595c4a500c69d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8410d6e14af3dedaee1f2e1607413f7e0425e0994f15820235bfffffb0f59b5
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d89c97bd96db1b12de096bdd804361857a3898ecb7399d8d030a4621861a2e53
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddc9471391b336ab6faac513afe0050a5c7fed6df3f0d493aaae1ec3703f1ff3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff06bf0f62966e1d484ed09a347b15e7e1a7fcf789b83b3c791c365c5292ea0
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e8b5ccd1cb8a249619c226134717f26917e1128581168f53c85444e91d58c628
e8e5cf0256c8aaa31bc7c44b0a98d9372a3a8891350494b18e1d5fd85dee188b
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edd9e84c61af433a486d16d1ffa3d0283829039adaeb70256f7f202cf6a7269f
eec4b94845cc618d4c39bf28caff907e3ae842f7ce0ea3c2e5ad415b2a1d367e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef298acaf2b380e09625c3bae9c59200a838fc3d75a144a422b271e2c48bef36
f14fe12ab7033abf1ec82fbd6c7dedaf36998f5718010b37a99cc26147441651
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f1a299824fc7f40c9ec86c226229c219b24db0a16f151daddc070a1ffbe86d69
f28075f0d2173e6f50b8284df5640d812b4dc54c3df8c8ea7d6dd2e18045212c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f5568566ea8d42fda194dcbeeca3422ed1fc55691e1d34667536016c41fa2019
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fcaabad50df154a36d8d74eb5e73d957e961bab7b962b754ab83ea8fbcd70365
fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17
fef9838a1003469b20bf86b0afeca5fc05e2cd8d3df0d9a5e9f49031dee655b9

controle.diariodocentrodomundo.com.br Open in urlscan Pro 190.89.239.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

385 Requests

83 %HTTPS

45 %IPv6

50 Domains

82 Subdomains

67 IPs

12 Countries

4704 kBTransfer

13988 kBSize

61 Cookies

83 Outgoing links

Redirected requests

385 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

controle.diariodocentrodomundo.com.br Open in urlscan Pro
190.89.239.238 Public Scan

Screenshot
Live screenshot

Full Image

385
Requests

83 %
HTTPS

45 %
IPv6

50
Domains

82
Subdomains

67
IPs

12
Countries

4704 kB
Transfer

13988 kB
Size

61
Cookies

385 HTTP transactions
9 data transactions