correiodoestado.com.br Open in urlscan Pro
2606:4700:3032::6815:5681 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://correiodoestado.com.br/
Effective URL:
https://correiodoestado.com.br/
Submission: On March 21 via api (March 21st 2024, 3:25:19 am UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 24 domains to perform 174 HTTP transactions. The main IP is 2606:4700:3032::6815:5681, located in United States and belongs to CLOUDFLARENET, US. The main domain is correiodoestado.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 31st 2023. Valid for: a year.

This is the only time correiodoestado.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:dc2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	2606:4700:303... 2606:4700:3032::6815:5681	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:ce0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.250.175 52.222.250.175	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:7a00:5:6af1:95c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
4	54.170.183.180 54.170.183.180	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	57.128.96.95 57.128.96.95	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	13.95.152.229 13.95.152.229	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	35.187.184.108 35.187.184.108	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	35.244.170.237 35.244.170.237	15169 (GOOGLE) (GOOGLE)
7	184.28.89.220 184.28.89.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	132.226.214.62 132.226.214.62	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	23.32.101.205 23.32.101.205	16625 (AKAMAI-AS) (AKAMAI-AS)
174	40

1 2606:4700:3034::ac43:dc2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

correiodoestado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2606:4700:3032::6815:5681 (United States)

ASN13335 (CLOUDFLARENET, US)

correiodoestado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.correiodoestado.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ce0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.horoscopovirtual.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-175.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:7a00:5:6af1:95c0:21 (United States)

ASN16509 (AMAZON-02, US)

dtokw98w8oklz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.170.183.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

ap-adserver.igaming-ap-service.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.128.96.95 (France)

ASN16276 (OVH, FR)
PTR: haproxy07.cl11.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.184.108 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 108.184.187.35.bc.googleusercontent.com

rtb.ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com

static.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.28.89.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-220.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.32.101.205 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-101-205.deploy.static.akamaitechnologies.com

travel198849194933.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 204	863 KB
47	correiodoestado.com.br 1 redirects correiodoestado.com.br cdn.correiodoestado.com.br	1 MB
16	criteo.net static.criteo.net — Cisco Umbrella Rank: 898 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8336 csm.eu.criteo.net — Cisco Umbrella Rank: 7168	105 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 1013 mb.moatads.com — Cisco Umbrella Rank: 1188 px.moatads.com — Cisco Umbrella Rank: 829	115 KB
6	cloudfront.net d335luupugsy2.cloudfront.net dtokw98w8oklz.cloudfront.net	86 KB
5	moatpixel.com travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 55835	1 KB
5	travelaudience.com rtb.ads.travelaudience.com — Cisco Umbrella Rank: 101968 ads.travelaudience.com — Cisco Umbrella Rank: 5026 static.travelaudience.com — Cisco Umbrella Rank: 63963	210 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275 stats.g.doubleclick.net — Cisco Umbrella Rank: 195	167 KB
4	igaming-ap-service.io ap-adserver.igaming-ap-service.io — Cisco Umbrella Rank: 110760	378 B
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7102 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 14737 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9036	60 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 region1.analytics.google.com — Cisco Umbrella Rank: 2066 www.google.com — Cisco Umbrella Rank: 5	11 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	92 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	230 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 172613 osp-assets.pn.vg — Cisco Umbrella Rank: 277219	70 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 160861 popups.rdstation.com.br — Cisco Umbrella Rank: 136900	870 B
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7661	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4233	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	gstatic.com fonts.gstatic.com	85 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 716 fonts.googleapis.com — Cisco Umbrella Rank: 110	9 KB
1	smrk.io p.smrk.io — Cisco Umbrella Rank: 254706	566 B
1	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10073	40 KB
1	horoscopovirtual.com.br widget.horoscopovirtual.com.br	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 3990	53 KB
174	24

	Domain	Requested by
36	pagead2.googlesyndication.com	securepubads.g.doubleclick.net dtokw98w8oklz.cloudfront.net correiodoestado.com.br 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
26	cdn.correiodoestado.com.br	correiodoestado.com.br
21	correiodoestado.com.br	1 redirects correiodoestado.com.br
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com tpc.googlesyndication.com
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
6	px.moatads.com	rtb.ads.travelaudience.com
5	travel198849194933.s.moatpixel.com
5	d335luupugsy2.cloudfront.net	correiodoestado.com.br d335luupugsy2.cloudfront.net
4	ap-adserver.igaming-ap-service.io	dtokw98w8oklz.cloudfront.net
3	82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	connect.facebook.net	correiodoestado.com.br connect.facebook.net
3	www.googletagmanager.com	correiodoestado.com.br www.googleoptimize.com
3	securepubads.g.doubleclick.net	correiodoestado.com.br securepubads.g.doubleclick.net
2	ads.travelaudience.com	rtb.ads.travelaudience.com
2	rtb.ads.travelaudience.com	82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com rtb.ads.travelaudience.com
2	events.newsroom.bi	sdk.mrf.io
2	www.google.de	correiodoestado.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.pn.vg	correiodoestado.com.br cdn.pn.vg
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	mb.moatads.com	z.moatads.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
1	z.moatads.com	rtb.ads.travelaudience.com
1	static.travelaudience.com	rtb.ads.travelaudience.com
1	ads.eu.criteo.com	82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
1	p.smrk.io	cdn.pn.vg
1	www.google.com	correiodoestado.com.br
1	osp-assets.pn.vg	cdn.pn.vg
1	region1.analytics.google.com	www.googletagmanager.com
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	sdk.mrf.io	correiodoestado.com.br
1	dtokw98w8oklz.cloudfront.net	correiodoestado.com.br
1	widget.horoscopovirtual.com.br	correiodoestado.com.br
1	www.googleoptimize.com	correiodoestado.com.br
1	fonts.googleapis.com	correiodoestado.com.br
1	ajax.googleapis.com	correiodoestado.com.br
174	42

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
materiais.correiodoestado.com.br
correiodoestado-ms.web.app
wa.me
ajor.org.br
goo.gl
www.dothcom.net
www.dothnews.com.br

Subject Issuer	Validity	Valid
correiodoestado.com.br Cloudflare Inc ECC CA-3	`2023-12-31` - `2024-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
pn.vg GTS CA 1P5	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-29` - `2024-03-28`	3 months	crt.sh
horoscopovirtual.com.br GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sdk.mrf.io E1	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.igaming-ap-service.io Sectigo RSA Domain Validation Secure Server CA	`2024-03-07` - `2025-03-21`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
ssl03.cert.cl11.k8s.mrf.io R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
smrk.io R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
rtb.ads.travelaudience.com R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
ads.travelaudience.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
static.travelaudience.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-10` - `2024-05-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-08-31` - `2024-06-04`	9 months	crt.sh
popups.rdstation.com.br R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://correiodoestado.com.br/
Frame ID: 64A96DBAE2A6AEECB55AF2971F66E7DA
Requests: 94 HTTP requests in this frame

Frame: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B07A4B0908F2E21D59FBD24AB77D174D
Requests: 1 HTTP requests in this frame

Frame: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39F856D462439CF1A61196C33FD5FEEA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss04nKKK_PbVgzB3HwEbE0IGEH-a1nK5S6un2DEB-zupUtbInnx6rZQxBBBhA5TzYCDjwAVRO5r1zYgZKp3hrsCyn9UNVoBJr6T9noJq8xdmwazeHGaZhdPjTbD_jSxelTHhyBmPSfdDAsCAe3LV6lYlCRC7-J_HTsHAJTlPrNbfJ18wfSLlyp7YS0w6pgE5amH8yxMgEEzvNpOSBa8LYovUrJYKp-WufLjk9zgD-wbFc6huhfZXPZ-_tLYe4kRytNuusYtsxEAgpe4D3XTPYJ6Xe0KXpSDUzqMetMkUKlxdLC3335Eo95vnOQKp2LlCLkTko4pg_8-ubDTCn1cTICy24yNn4HXE_rzKHl0AgSxfE4lBGNCDQprKcvT&sig=Cg0ArKJSzEtIc6OsfPd5EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0C5D9DB3E56B3B3D050D728A31F65C69
Requests: 7 HTTP requests in this frame

Frame: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B5F8F787D6EB49A4BD53A443BB6F176
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss95-avbyO6yrGzb3KMqOtlo7nwS6A-0jbvU48imWxsDkJdbjTyVK5iSekP9Ap7W2pxeZM3y1d4G3GgrNnsG7LPwgvywAgGj549dBWCvlC_wRZF-b76Kki6y6YlMTUGq5F291lM5l-CYaWD4BPNUUo-6fDEcPxaAtHOr3qat3mc7KRb15WxAuDdPFKUgaALPZjuG4IQTtj89Q2fajBy4kjWF5Gac59KdcBGEQHu0FtxA9-VQUyPpyWGJ2NnSN1VIRmpvmypn-pRY-rKVaGe2o9XJhQ__lfPiw2vRrH9GUQdl9wUPTTXbqmvyVMArQUhO__wWmznt6kXoIwuBKVbSmHvuNY-E8a1SgpgQE4SfCxIUfyOZVaYdSebZyMdsuTTalsHo33AoLwLalFOvaZ7iMUzwwrMgiS9ltXDjz3UVqAB&sig=Cg0ArKJSzKu1yQJWPgONEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0D8EA9096225A40C432FEDDEE7F12EAF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsscAHsRc2vXr0jaDI7cgUPGK4OUYRz4YkBKWmT8OlqPXKxpFdSLjubTIjSKOzQjheObte4iw1hbyvjHgiKAn-wVUwbaeLkJIqz0nCeBSVYx2FYt5T5Z2_CFYDDR5stklr4puSPcZrdWVMe8P3QU0-zWNhZCVrPv9AYKTRkZuUVKefxT99fkCYl8hF_9kLris_U7YDpOvD4YxIANe3Iw5taRRkw2t6RKFxtGrNR1RE8qKdRSv39ODliwTBNVG1Vc5um94_2_62b3VZtgtMrjqw23Gl0rYaiPKTRPnIeM2K-J43FJLn-2_z9b7tPeerD2iclISmLmPL31LV4UDxavdWqvbDKQRliEuR6lMYGoqKwZoQW95FCGYFWHdFqGOkvvlTEyj6QblSFbP_OYIRmRTfCFOIQ3EmxqlF2UByKLDygmg5livdReUWIi7N76FL514w&sig=Cg0ArKJSzEBTdwJrJ_55EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F57367028AB79E0A1D7F15D5D084CAA6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsubtWPUIb6z-Z5Mwo84--8KdFKS8JVWG1RvUVKFjeeA6OM8czFaK7WS_YhxhffhMm-AceV2vp5MRsPFde2DWj2V5TxcSxMDk3P4_61Sz94kbc4TKz8UpWnhr7eqbMIP9i-Rr5JD5ADmnHUhy5b4d0iUtK3uRv23UaXCN9Tg1FqagB2fCK0qWZrkjGS51yKLQtwlHuJhX9xY8vEi5g5EdWVCzkSjkXpsrLFwQ2O_1FL7YKMOOGyL3M3F0mnfQRpf2Nja6CxSnH-IEkHM7SP5Nj-iS7J209ahQn-dvCI2CBdBpSs4iu1iN9RfIrwWhY_EIwTlnEUIMn2v4c2aW7P3w79RwHuePPpTL68qaqR_00Sy3Fa78ZIEFIEJzW2CdzN6Wc-km9LIeaTR9xgdBYcFjsIdP-qchF_Xv8iLxc4NWg808w0Ki3f-LlfGN2x2NQ&sig=Cg0ArKJSzLSAsYZgF7xzEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 405EDEF6F89A4E234DDCBDF5885F2DE8
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Frame ID: BD6FBB72A65DFC269E127438BA0336C7
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfuomQAM2hoEvwMJAAELU_bl_ZjmW6lH765wcQ&u=%7C6blkxjPQaN74TtOfMThcLIyhtmAwYFxHPF17LzPC940%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9UMMt-GH83vF3umFfnehlVrp4KkE7DC9I2kiOP39zGMPwWF6e2xczFmSVWg6I2XC8wbq76JAA53sqoNm7bmM50KGQ06jl1opxM1X6XQf4bQNPuB7y_J_dhCOWykCz2-S4Nu6Jp2oUNXHh3t8-WN4B1Haevl1pmAE30PclGbte21U679Da08jU6KzeAIuPiog-1Xtc3ffGaYdUW3rlFAgnx1lbrPyW5zuRvGrplrRBwj8aF8MS8yVWWeoXgYmjpVRQJ2tR_Uf7OedtyGn0XqGG1DCbkBob20PPh0gVFhaA8aL1KlHjeh7p7U6D1z2iUpqVjAGQ7dr9HSonCo469yXqyRn6g4R1Kdx_zp4ToHQKaWcW7lMbHEMMHGH5t3dKkc240pDa4cl55MtNvUg_5W2_nK03dbM3cj_6Ngla1_9UrMI931ZS9-mmeEMkCeu5u0-GIFyYA5E73rfMscb7EUs1AO9zVFrqA6zFiun77Ihg23_XRFckv22qGlIYJDyN4KHjs8XA8VhDIRl-Cy2VyVpFidMF8aJpXo1j4cu654h9BQ5kLrAbYHfRTDdba-MSL_4JVj1hdstkAow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHh4maj7ZZq0M4mG_NUP05aEqAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTU1NDkwMzYwMTYyMzcxNMgBCakCzZ7FXaVTsj7gAgCoAwHIAwKqBLECT9CGOZZZjngH9yD9leF6L7ujyL_z0nlkzUsNORT6crrNtF6VSUnKdgaFgKw06i-oWauvkTm_59eMWbsC-gv89lEv_6W3JtyVxsQ3zMC2v5tcXfrgtwcg1oo8dIlQS4bKNJD-nopgaPbbdoTXMMkMKrt2xbqe594IBgp4LK_oJXtLTKQS83pAepNU4_MqQf14O14fLurjAhbJLvLg92tzPBqD_Y-3FSYubt00CQkDrvvhNOzXYb6fkfGukoyJ7kftljhcnZkAygvagodnkmDfv00lvLCQxNwBXtmd0TcCVNXHWPIjZmSlrx4fmlfr4iza2EXmHyvJFYEBttfO1abGwvZPMak_8MtBhV-L_Z5YDXRl50AIQUIQz68kT_Fq6pt69c2hRr6_vdRDr9Ep6b5PMf7gBAGABpSdn4jlqdXJtQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljbo5SLtISFA_oLAggBgAwB4g0TCL3nlIu0hIUDFQkDvwQdUwsBVdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03D_6Q93S9Qu5g78ReopKB7ZgWJA%26client%3Dca-pub-5554903601623714%26adurl%3D
Frame ID: 639EA9C7B74C07FCC97BFAA67CE7F5DC
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D8229AD21DB27FB0C6A8132076515F2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Correio do Estado

Page URL History Show full URLs

http://correiodoestado.com.br/ HTTP 301
https://correiodoestado.com.br/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

174
Requests

100 %
HTTPS

68 %
IPv6

24
Domains

42
Subdomains

40
IPs

7
Countries

3258 kB
Transfer

7553 kB
Size

18
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/correioestado/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/correiodoestado

Search URL Search Domain Scan URL

URL: https://twitter.com/correio_estado

Search URL Search Domain Scan URL

URL: https://materiais.correiodoestado.com.br/funil-base-pagina-de-vendas/
Title: A S S I N E

Search URL Search Domain Scan URL

URL: https://correiodoestado-ms.web.app/cartaomasterclin/
Title: Clube de Vantagens

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Fpolicia%2Fgarras-tem-cinco-dias-uteis-para-entregar-laudo-pericial-da-operacao%2F427876%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/policia/garras-tem-cinco-dias-uteis-para-entregar-laudo-pericial-da-operacao/427876/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/policia/garras-tem-cinco-dias-uteis-para-entregar-laudo-pericial-da-operacao/427876/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Fondas-de-calor-fazem-dengue-explodir-em-mais-regioes-do-brasil-ms%2F427879%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/ondas-de-calor-fazem-dengue-explodir-em-mais-regioes-do-brasil-ms/427879/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/ondas-de-calor-fazem-dengue-explodir-em-mais-regioes-do-brasil-ms/427879/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Fcampo-grande-e-a-segunda-das-27-capitais-brasileiras-com-melhor%2F427906%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/campo-grande-e-a-segunda-das-27-capitais-brasileiras-com-melhor/427906/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/campo-grande-e-a-segunda-das-27-capitais-brasileiras-com-melhor/427906/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcorreio-b%2Fdo-the-voice-para-o-mundo-cantor-matu-miranda-retorna-para-show-em%2F427845%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/correio-b/do-the-voice-para-o-mundo-cantor-matu-miranda-retorna-para-show-em/427845/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/correio-b/do-the-voice-para-o-mundo-cantor-matu-miranda-retorna-para-show-em/427845/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Fjuiz-nega-pedido-e-mantem-condenacao-de-rafael-tavares-por-crime-de%2F427880%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/juiz-nega-pedido-e-mantem-condenacao-de-rafael-tavares-por-crime-de/427880/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/juiz-nega-pedido-e-mantem-condenacao-de-rafael-tavares-por-crime-de/427880/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://materiais.correiodoestado.com.br/newsletter-opcoes-editorias
Title: ESCOLHA SUA NEWSLETTER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Foutono-tera-estiagem-severa-e-chuvas-60-abaixo-da-media-historica%2F427865%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/outono-tera-estiagem-severa-e-chuvas-60-abaixo-da-media-historica/427865/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/outono-tera-estiagem-severa-e-chuvas-60-abaixo-da-media-historica/427865/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Fquadrilha-cigarreira-de-casais-e-irmaos-e-alvo-da-policia-e-receita-fe%2F427861%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/quadrilha-cigarreira-de-casais-e-irmaos-e-alvo-da-policia-e-receita-fe/427861/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/quadrilha-cigarreira-de-casais-e-irmaos-e-alvo-da-policia-e-receita-fe/427861/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Festudo-de-r-10-bilhoes-para-rodovias-deve-comecar-em-abril%2F427859%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/estudo-de-r-10-bilhoes-para-rodovias-deve-comecar-em-abril/427859/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/estudo-de-r-10-bilhoes-para-rodovias-deve-comecar-em-abril/427859/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Fpolicia%2Fstj-forma-maioria-para-que-robinho-cumpra-pena-por-estupro-no-brasil%2F427898%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/policia/stj-forma-maioria-para-que-robinho-cumpra-pena-por-estupro-no-brasil/427898/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/policia/stj-forma-maioria-para-que-robinho-cumpra-pena-por-estupro-no-brasil/427898/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fcidades%2Foutono-da-forca-a-estiagem-e-mantem-alerta-de-incendios-florestais-no%2F427869%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/cidades/outono-da-forca-a-estiagem-e-mantem-alerta-de-incendios-florestais-no/427869/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/cidades/outono-da-forca-a-estiagem-e-mantem-alerta-de-incendios-florestais-no/427869/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Fpreso-na-penitenciaria-federal-de-campo-grande-defesa-de-ronnie-lessa%2F427882%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/preso-na-penitenciaria-federal-de-campo-grande-defesa-de-ronnie-lessa/427882/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/preso-na-penitenciaria-federal-de-campo-grande-defesa-de-ronnie-lessa/427882/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fopiniao%2Fnao-e-mais-economia-agora-e-ideologia-e-comunicacao%2F427856%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/opiniao/nao-e-mais-economia-agora-e-ideologia-e-comunicacao/427856/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/opiniao/nao-e-mais-economia-agora-e-ideologia-e-comunicacao/427856/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fopiniao%2Flula-gosta-tanto-de-pobre-que-esta-produzindo-mais%2F427854%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/opiniao/lula-gosta-tanto-de-pobre-que-esta-produzindo-mais/427854/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/opiniao/lula-gosta-tanto-de-pobre-que-esta-produzindo-mais/427854/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Flula-deve-vir-ao-estado-no-1o-semestre-para-encarar%2F427855%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/lula-deve-vir-ao-estado-no-1o-semestre-para-encarar/427855/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/lula-deve-vir-ao-estado-no-1o-semestre-para-encarar/427855/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Fpre-candidatura-de-camila-jara-pode-ser-a-proxima-a-naufragar-na%2F427812%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/pre-candidatura-de-camila-jara-pode-ser-a-proxima-a-naufragar-na/427812/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/pre-candidatura-de-camila-jara-pode-ser-a-proxima-a-naufragar-na/427812/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Fempresario-campo-grandense-e-condenado-por-atos-golpistas-de-8-de%2F427867%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/empresario-campo-grandense-e-condenado-por-atos-golpistas-de-8-de/427867/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/empresario-campo-grandense-e-condenado-por-atos-golpistas-de-8-de/427867/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcorreiodoestado.com.br%2Fpolitica%2Fcerca-de-6-dos-eleitores-de-ms-estao-com-titulo-de-eleitor-irregular%2F427842%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://correiodoestado.com.br/politica/cerca-de-6-dos-eleitores-de-ms-estao-com-titulo-de-eleitor-irregular/427842/&text=Veja%20no%20Correio%20do%20Estado
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=Veja%20no%20Correio%20do%20Estado%20https://correiodoestado.com.br/politica/cerca-de-6-dos-eleitores-de-ms-estao-com-titulo-de-eleitor-irregular/427842/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://ajor.org.br/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/Sr9LV6mVVW8xhRww5
Title: Av. Calógeras, 356, Centro

Search URL Search Domain Scan URL

URL: https://wa.me/5567999226705
Title: (67) 9.9922-6705

Search URL Search Domain Scan URL

URL: http://www.dothcom.net/?utm_source=correiodoestado.com.br
Title: dothCom

Search URL Search Domain Scan URL

URL: https://www.dothnews.com.br/?utm_source=correiodoestado.com.br
Title: DOTHNEWS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://correiodoestado.com.br/ HTTP 301
https://correiodoestado.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

174 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
correiodoestado.com.br/
Redirect Chain

http://correiodoestado.com.br/
https://correiodoestado.com.br/

143 KB
22 KB

149ms
127ms

Document
text/html

2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09f045c1839cc92f5adf09c4097f37732447ade45293fc704a003a5b9e949029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 116
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300,private
cf-cache-status: DYNAMIC
cf-ray: 867ad55b9d5337fd-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 03:25:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tE6T9W2PrvNH9P1fTYcACOUp3EBFiRvH8bQdY9UDnxtZX6YK6zqP6RpQpHYPnab9fq%2BQQctlalwj2GQ1EtzCQgT0DM0jGzn8NNFdbVjLjN5iOWuVW3ugs96Ody9Ywf%2FrcfTN6ZZtgfeF%2F%2F5pQloaB0enPAja"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-status: 1
x-status-h: 8
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 867ad55b4ccc30c6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 21 Mar 2024 03:25:12 GMT
Expires: Thu, 21 Mar 2024 04:25:12 GMT
Location: https://correiodoestado.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KM1Q1sUgUr11CG7QkPwz%2FlsgodyWa%2B1D%2FLrLbkQ2HjQrJehnCra0XQNL6gkb6s3DAjoCScNbf2wXZmz8esoJQI8TszuUjdjJVgfmyNnVES3hTRNy8snba6Qlp%2BgfvQcHmPKXSCtAopYydPLlam5O6tjGjomj"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 55ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf0c567ed5499bb5a2062f1fbd9144ad9d23fc46fdeb4cfbf7ff4ca0b266afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28814
x-xss-protection: 0
server: cafe
etag: 913 / 19803 / m202403140101 / config-hash: 4237976954881673385
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 normalize.css
correiodoestado.com.br/application/themes/correiodoestado.com.br/css/ 8 KB
3 KB 114ms
112ms Stylesheet
text/css 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/normalize.css
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d336a97efd52a4ef44ef3270e71eac24ba405d4450016f9d3e943256e9e58c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 200393
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 2664
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "1e5c-6124eef2abda2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZYZOCn5DeptSphbm6s1WNWy85A6adnTUQEHEsgZuDBWqJ1XzmmuYfLf4QSuWqYulirglXYnZCkE802T1nkteQkurW3YZ1PeaJQL6IY5uDTUumkkzheZKLBNVt%2BrPt8IKX7oqDscxapx1vwUmOi6gwk%2BLWCtK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e0e37fd-FRA
expires: Thu, 06 Mar 2025 11:41:34 GMT

GET
H2 200 webflow.css
correiodoestado.com.br/application/themes/correiodoestado.com.br/css/ 38 KB
9 KB 116ms
114ms Stylesheet
text/css 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/webflow.css
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0204dbaa01c6ed0ef25045332bd76eb6f0c2a61bbd4be194fe8bc7881c5c86f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 200586
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 9339
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "9992-6124eef2abda2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42Qab7%2BtRsfEjVxWKt%2FTdx5SiiRzqiuA%2Fko0EA%2F5zfAbV1xknMNab4hzMq23zoG2iAra5S1teEzB0gKL6VypzU5SuvQTC26feNS%2Fc72Bvd2X69lP3SJpqz2xlwVr2DEZbENBVNpTWd%2FBajTOdly3vppwSmxE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1037fd-FRA
expires: Thu, 06 Mar 2025 11:41:34 GMT

GET
H2 200 tema.css
correiodoestado.com.br/application/themes/correiodoestado.com.br/css/ 1 KB
904 B 127ms
126ms Stylesheet
text/css 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/tema.css
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d19e9846e8cd55450e56b63402a3c4b42571bc4d882a6c952805e84003dc194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 198164
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 560
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "581-6124eef2abda2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kpa3nrtRr0UmhOEfXZRCM1TwyG%2BkfTRsFX7reF6Qh%2B9xVn2m4inCgteOH1PFSn1dhSuWmvq4cgSHMz4awV5SfP0nZLvAafoXyBHT%2Bzq8sCJMk0EfTD5rxVna4Gk2G2OAFLA37A7RGzevKzCCezSzwxn7BgMt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1137fd-FRA
expires: Thu, 06 Mar 2025 11:41:34 GMT

GET
H2 200 correioestado_v058.css
correiodoestado.com.br/application/themes/correiodoestado.com.br/css/ 134 KB
22 KB 129ms
128ms Stylesheet
text/css 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/correioestado_v058.css
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ad923bba919b50e1b30e12f1692ba43c996b036f75dc1de1c282099b814b5f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 77209
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 22272
last-modified: Fri, 15 Mar 2024 18:26:37 GMT
server: cloudflare
etag: "21967-613b725f9bf8b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKsitYwoi%2BfUGAik4zz%2FxuwsEmiWfGXSp%2Fj7ycKe22naFYv61RgYNomCkNIT71SGrj84f52OVDU6s4AskT%2Fcvwdr3hom0IE2xCgeZ4%2FF614gfgFNyGPCXJAqg18h8zjXnIrPsHntpoW4K3ezgoMJoEUZgKVr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1437fd-FRA
expires: Sat, 15 Mar 2025 18:27:25 GMT

GET
H2 200 jquery.cookieBar.min.css
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-cookiebar/ 3 KB
1 KB 125ms
124ms Stylesheet
text/css 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-cookiebar/jquery.cookieBar.min.css?v=058
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8526cb02722497a376ad1b117ea5bb7fc772a1af4d6609bb7df05437736f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 76665
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 1027
last-modified: Fri, 15 Mar 2024 18:26:37 GMT
server: cloudflare
etag: "da0-613b725fb174b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OIbkQD2%2Bym11HeXntkA%2FvZVV8etgBKle%2BiEDeVbO%2BuL9%2FOIlROWfFlBKv4EMbWyWr1DLrryoU7L6MrP%2F%2FRzfRdIO2fPhthMCNiIoQOGi6ecONNd8Z9htAP0%2B%2BOhywk9DFwrrUJRkLJ33AtUysrhL5XOKtrd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1637fd-FRA
expires: Sat, 15 Mar 2025 18:27:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 51ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 00:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:09:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 87 KB
3 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11076dd4a86d587f214ac5bb2fe78147db864e0087056274c0d34d7a2f1ffb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 03:25:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 jquery-1.6.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/ 88 KB
31 KB 392ms
392ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-1.6.min.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58da58b314ccdeefa3c4865b4b8aa3153e890d7904e04483481d8fff2c27eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 207925
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 31602
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "16196-6124eef2c05c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4TWqK5iqOTiZ6onHhZHJxFmVTSDqhNa3eKOPJlf9ksbDDe%2FAFR8%2FJE%2FYOgNiJmaGNh8v470U%2FA37E%2FKfMOvK6KzUpxSZidvB0ZhczKDkW5SHmJ20%2B1%2FjLSNfuSsvPGcDi6LisSt%2BT5aNjk6AouQuuy3aZEw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1937fd-FRA
expires: Thu, 06 Mar 2025 11:41:34 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 138 KB
53 KB 66ms
21ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d93f59993d7a296252370769f040cb02f32db6bf65baf28dd20a05eee68cbdf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54180
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 1efd6be9-5844-49c6-9d00-aa480c239998.js Show response
cdn.pn.vg/sites/ 3 KB
2 KB 206ms
20ms Script
text/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/1efd6be9-5844-49c6-9d00-aa480c239998.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b810879d926326f14210569df5b98b6db32adffed2d7d8fd326c572687337d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 814
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 24 Jan 2024 21:40:07 GMT
server: cloudflare
etag: W/"24b6cdd0f25047c12279cfeba106d10d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Sxp0BS%2FXBAPRJtPAqXc5lDpBMBGzGIgsMuvSEjrfLGVbL71kox2jWSULZ05l%2FL3wZo5iYjjCSGClm7tcRevgMQgCNhSeTMW8GaFKOYKc8SLajjasCUyoQT9X%2FqAcOQytqJDLZdHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 867ad5603a1c1999-FRA
x-amz-cf-id: 374d6-TCLkOwthlfIzIi_X44o3ocAvtBHs-4dUJ9mcaldVXVAiYSQg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 214ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1420794-71

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b4cf99e9e38bbc5c5d7d29133b5d2aa1eeabfdd2c27124aecac9be5346c4d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68662
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 193ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

233ac504546f7c61594002539cd7c2951cc0bcba441552fcfdfd6227a45a123a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 03:25:13 GMT
content-md5: dG8BPIBKhuSVI39aZ9lz9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: hxYQXsFuD0Bu0UjH4NJo1oD4qxBRljGR4D8D23OYC/S1tmqnSFt37wm/7YvagDHh/Q/HdRFrAo1PWlTRgHRo6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f4a6d29152b26007041b4e98e18a865b
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "eb9ae22139e6ebb6456ff21043641e4d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 21 Mar 2024 03:41:16 GMT

GET
H2 200 horoscopo.js Show response
widget.horoscopovirtual.com.br/js/ 1 KB
1 KB 587ms
401ms Script
application/javascript 2606:4700:20::681a:ce0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.horoscopovirtual.com.br/js/horoscopo.js?background=ffffff&color=134282&border=ffffff&text=134282&font=opensans
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ce0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 16:27:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1374
etag: W/"654a6589-55e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmvMsrLpYkk2t0HZenjJk5NEs6LpQELPb6I2Fpqi78VWXHAqQZD4uwIb5PWjJmYKAAsnAjHuC6hpDqVG4lhctvviTgJAa84vIyXdR5Y5btS3%2BGKxVywAon2uC6Cd%2Fih5Zozd9zmHSdxxnmIHfz4gSuw3NmLoT01NYbkMHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 867ad5603ca04d86-FRA
expires: Fri, 21 Mar 2025 03:25:13 GMT

GET
H2 200 icone-clima.png
correiodoestado.com.br/application/themes/correiodoestado.com.br/images/climatempo/ 4 KB
4 KB 122ms
122ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/images/climatempo/icone-clima.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1b20d7acf230037c6396205deb88419eb93376d59fac26502d9972bb097f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 12463
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 3716
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "e84-6124eef2b2b02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96fBezLiBoQuXU3gLv3l3REbeMDhOLFfNFkEoE8V5ydmhz%2BaNhkOUrumogKmm9ZBETRosi%2BMmhIIlbxIMCPWbUSYFC36w1Y9EHoq3H0e8xCMHuNHl2zjjHNxnpUkl26Uu58r642c00tfyoEIne0CiGZp9Ufq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1a37fd-FRA
expires: Fri, 05 Apr 2024 11:42:24 GMT

GET
H2 200 selo-ajor.png
correiodoestado.com.br/application/themes/correiodoestado.com.br/images/ 16 KB
16 KB 132ms
132ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/images/selo-ajor.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fb6beeefc7ab361adddf3cb96aec2f3a4519b4e5170fc574211b6385ac950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 84910
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 16012
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "3e8c-6124eef2bf622"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGxpFnETFR2soT4%2Fl4JeaHcyLVuDbd6YmRkIeiVIy4Ysf2mXrmJ8q273F8WQaT4nDgFScFAqLwokZj1wU0lsrYrlOaK1Ii1ks%2F5t50j8PcK17XphmPF6Pk89FBxilw5Gz3RAXatexedi5SmCE%2FIVKNYmp2Fi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000,private
accept-ranges: bytes
cf-ray: 867ad55c7e1c37fd-FRA
expires: Fri, 05 Apr 2024 11:41:35 GMT

GET
H3 200 email-decode.min.js Show response
correiodoestado.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://correiodoestado.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Mar 2024 16:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f471be-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FR3ErFLTfbO2B05WVybkYEYZ2KLgHCM3ll9s4GcUDqN3Zvc9T0KYNfMP5HvCy%2FClHGzRnzwG0uKM3OLjhg5oUo71vozTyt10pyi5ugSh%2Fr9%2FKImXgcFwr4%2B7XznBFIf80D%2F5Lc8Isr2qPcs7%2ByajW42Vupq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 867ad55d5bee0e68-AMS
expires: Sat, 23 Mar 2024 03:25:13 GMT

GET
H3 200 jquery-migrate-1.4.1.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/ 10 KB
4 KB 135ms
134ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-migrate-1.4.1.min.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 203799
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 4014
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "2748-6124eef2c05c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJIjq4mxzY%2FW8vtzZd7iSS884Ly2NbzyaYh6afsjDSoIPFrrFPi4E0ZwiyVQ5m3xRuKARyRuhLmboC5EPiTUvZOHeQPt%2FqboofPQujFfN1QHZNdpq9vxbmSYpe%2BgURuWUotDqDnM5GeFjVwqvpqzbUXmF%2Fdi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55d6bf70e68-AMS
expires: Thu, 06 Mar 2025 11:41:35 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/ 87 KB
31 KB 136ms
135ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-3.5.1.min.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 206553
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 30910
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "15d84-6124eef2c05c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOZex7THfn3a1mLeRMV1m674i5qPURufW7JCyTIa7e5cjp9vcHQ2W6IS4CZZ59lhrock%2FhKdniPMXUXkyAOGLuf1TKXjgu4ioT0be0oYdREd2pPzTVWkZLHDhh0yBDFxJOQEhXIJP%2BhpMmcAVcgPG%2By3y9zI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55d7c070e68-AMS
expires: Thu, 06 Mar 2025 11:41:35 GMT

GET
H3 200 webflow_v058.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/ 320 KB
73 KB 125ms
125ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/webflow_v058.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece2c4a6485e558c6391638609ceb936b3aae63f1ca49d7edc11da093627b066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 79639
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 74010
last-modified: Fri, 15 Mar 2024 18:26:37 GMT
server: cloudflare
etag: "4fe94-613b725fb368b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TZ1q4SZmw%2B3oq2mJ6T61tN3OJCMAMgHSWLsunDAq9FFT1DvkWU17GqBa03qndRmHuoCMJf5bcGd91GHKiU21YMZaIHgecCqL8Gjba4UC06sUTf%2BIXkAzG56j5QX5PBCfqd5BMB0tbjQ4MkwDS7WKAMAIbft"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55e3c7b0e68-AMS
expires: Sat, 15 Mar 2025 18:27:25 GMT

GET
H3 200 jquery.validate.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-validate-1.19.5/ 24 KB
8 KB 128ms
127ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-validate-1.19.5/jquery.validate.min.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 203907
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 7917
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "6019-6124eef2c05c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Lsvn5oWtWPnT3Q65fi1WUgqNQg4eYuZMA7Ovh%2BdMNNYMfJzcj%2BgNBQ4DurnbI%2F%2BQKeUuLYd59CEfXLzFhB%2BdBWAs5IQS3PiaVcx%2FL42itE9bKRpjLXcXGlu%2BqLsZrtQsYLFVMikAjCoIqyydWZcSHpoXeFe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55e7ca80e68-AMS
expires: Thu, 06 Mar 2025 11:41:35 GMT

GET
H3 200 messages_pt_BR.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-validate-1.19.5/ 5 KB
2 KB 132ms
131ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-validate-1.19.5/messages_pt_BR.min.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd85eddb7d662d5237b7366e9eeaaf4bd5ca2af2bf9a6673e5e165baeb09da1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 202989
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 1386
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "15c9-6124eef2c05c2-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSTEPV9WAnX9pEcJfxJbUIyS80kyS7x7UR6HWsYLmbuV2BmksAfh8xzyxeX6GxLSBlLtMmK53HTS5u0pwZm6mR3avzcEwrToB9yBPpBkMS%2F2uZkAUb526Zd8v1uzPaQ71ryRw%2BNd9gZvSbzUuggCkalmnaHq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55f1d220e68-AMS
expires: Thu, 06 Mar 2025 11:41:35 GMT

GET
H3 200 scripts_v058.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/ 13 KB
5 KB 132ms
131ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/scripts_v058.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb661951d744f303c9c1504f68f78a44bdabbb81fb025f35ea91d2a3f4d82899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 78509
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 4288
last-modified: Fri, 15 Mar 2024 18:26:37 GMT
server: cloudflare
etag: "3397-613b725fb368b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8SWegOkJoKYIDFSSDSVyJRzU1d4CIX82kTXWcwMbmYjznVk%2BxkBhm7LHqan7vCMOR5wxnV%2FlcRZ0PDEtO4FstD3QdfFCHMD95IN0M8SCjacMBp9PDflhKnE26P6WjH90XNMLKN88Qpqw%2B%2BnksfeZtve5oLn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55f1d240e68-AMS
expires: Sat, 15 Mar 2025 18:27:25 GMT

GET
H3 200 jquery.cookieBar.min.js Show response
correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-cookiebar/ 6 KB
3 KB 133ms
132ms Script
application/javascript 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/js/jquery-cookiebar/jquery.cookieBar.min.js?v=058
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fbedd25992e0b003c735ef697a034c7aa744d74e447ca878aa67e70c387df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 78408
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 2570
last-modified: Fri, 15 Mar 2024 18:26:37 GMT
server: cloudflare
etag: "180c-613b725fb174b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ir86pidSKr6OhKHdjW5jZ%2F6Juz2Nipj7SI3Z0gx1EEQQQfYw1np3kFmhMr7LIL5PSPidQGTRjg3Hm8fPlAoZhMwyh%2F9Z0i0uRSCOFck69YNtXLH805wxXf8ls3d1DC4nIdnGmd4D%2BT0JWfAcFxm8kOF40ekn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000,private
accept-ranges: bytes
cf-ray: 867ad55f1d250e68-AMS
expires: Sat, 15 Mar 2025 18:27:25 GMT

GET
H2 200 07312727-7430-4b77-95d5-8569abc18736-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 1020ms
834ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6a2d909697b17e2775fc77237ba4526e00320eec078b7ab7212772c44558c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: Gsr5lRtg3R0ZBUm0KWYKW5BpQXxsB7hx
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Tue, 06 Feb 2024 02:04:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"bc704d45a5168d0ec0705378172c488b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: 8c3dKNaDuECS5vLlLnIIMwAh3Em98CvNgVMiOuBlW2dlp7Db7szZ6g==

GET
H2 200 build.js Show response
dtokw98w8oklz.cloudfront.net/ 84 KB
20 KB 196ms
10ms Script
application/javascript 2600:9000:236e:7a00:5:6af1:95c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dtokw98w8oklz.cloudfront.net/build.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:236e:7a00:5:6af1:95c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5b0feddbd1dde0e0793d83bcd62810ee233b6b65d3bd95f733b92ab3b5012c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:46:46 GMT
content-encoding: br
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P1
age: 2308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Mar 2024 07:32:14 GMT
server: AmazonS3
etag: W/"ea4a8672f1a80f5be101014987fd18b3"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
link: <https://ap-adserver.igaming-ap-service.io>; rel="dns-prefetch"; rel="preconnect"
x-amz-cf-id: xxMyHIegbkgrlfFf6IXsXkxm_4vslLvUCQEnGK0N4vDb3kUlE5--Ag==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/ 437 KB
138 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b02035774d9978a0656512051c97ec80f62a4da90137b41e4e998d5cbb7b957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47434
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140761
x-xss-protection: 0
server: cafe
etag: 16686147382162094741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Mar 2025 14:14:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 205 B
133 B 30ms
15ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=correiodoestado.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c6f9e9d2322bfb7517992c4d9e1ecc93e86e01d5088c52b020c4844bfc2579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108
x-xss-protection: 0
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 194ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:10:53 GMT
x-content-type-options: nosniff
age: 155660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 08:10:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 198ms
13ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

233ac504546f7c61594002539cd7c2951cc0bcba441552fcfdfd6227a45a123a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 03:25:13 GMT
content-md5: dG8BPIBKhuSVI39aZ9lz9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: hxYQXsFuD0Bu0UjH4NJo1oD4qxBRljGR4D8D23OYC/S1tmqnSFt37wm/7YvagDHh/Q/HdRFrAo1PWlTRgHRo6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f4a6d29152b26007041b4e98e18a865b
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "eb9ae22139e6ebb6456ff21043641e4d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 21 Mar 2024 03:41:16 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 149 KB
40 KB 258ms
72ms Script
application/javascript 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae8d9d0bbae200bda8aa66fb3ebc20ed24aadd5b88ba93f4ea4138471b7d1cb

Request headers

Referer
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 3ms
date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 21 Mar 2024 03:11:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
x-envoy-upstream-service-time: 10
accept-ranges: bytes
cf-ray: 867ad5603a7d9232-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41118

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 206ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1420794-71&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1290e8e18182f113167f8ee6901091029eb3f18524f30867357fd9dd253dcc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68643
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
96 KB 216ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NQCSX44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6583bbe1f321e8396c6a516a1681e1745f5c1396dc4eff3075f05bc1e917a87e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H3 200 bg-ads.png
correiodoestado.com.br/application/themes/correiodoestado.com.br/images/ 166 B
700 B 129ms
128ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/images/bg-ads.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/correioestado_v058.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73194b21ff88337c0bd88cf4eef1a46246b0be5d83fb2a5544bded3a1d3afee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/css/correioestado_v058.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 79883
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 166
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "a6-6124eef2b1b62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnCW61QD0avX7uFFmIrF%2BRBmzktYQp7q7EJTNI2HRwSQErbMSrRAMOZaRnxbdi3dqL9SRcm0VfWTvmaQNWG7YUR9%2BuEBBAKcHyh%2Fmhk%2B23PoDIIMeHFW6wnN65YsFz4WROsciF3vml7an%2BCyTE4UBIHhv%2Fz5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000,private
accept-ranges: bytes
cf-ray: 867ad55f2d300e68-AMS
expires: Fri, 05 Apr 2024 11:41:35 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 188ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:09:55 GMT
x-content-type-options: nosniff
age: 152118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38372
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 09:09:55 GMT

GET
H3 200 logo-big.jpg
correiodoestado.com.br/application/themes/correiodoestado.com.br/images/ 14 KB
15 KB 130ms
130ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/images/logo-big.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14bd29d89fc74cdc1501fd139867ad735affbfd659f2a50803205e33d1d77e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 140545
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 14337
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "3801-6124eef2bc742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svfg%2BU2l5T%2BDBNlf646SQT0JsVCLItQfecrJ4xe0YU5a6NgyeMlMa6ifoWnw8FbLS2EH%2BfN5ofbZKCsEi36bxdmQqeGz%2FtYeWphJACJNMIpqQHurnmXFHMj279PsmYbvrfVOzzv3oY9hvsBnVMS8qkR8jGPt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000,private
accept-ranges: bytes
cf-ray: 867ad55f4d4c0e68-AMS
expires: Fri, 05 Apr 2024 11:41:35 GMT

GET
H2 200 fachada-da-sede-da-garras.jpg
cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/ 63 KB
64 KB 187ms
163ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/fachada-da-sede-da-garras.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a258f8429ddba2de7b8fb7854e5982c77cf03afdb1e968e72f73096e28c496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 19:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDZqwmJxLDWizBVoGW375oEUsuKMd0KfrCkvJ2LHYRNN3ULNut79rb31ryDpQl3uYon2e%2BKN1hkzyhVv8R2kw8OQnxqC2ggCQNPWeZ6xHaCPb%2FCUaeWDPDx0LtliOzuSan1glsWNGRB5xzWUI5v0s90mZJWguXhDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="fachada-da-sede-da-garras.jpg"
accept-ranges: bytes
cf-ray: 867ad55f693337fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65014

GET
H2 200 02-0124-0551-lixo-dengue-go.jpg
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/ 21 KB
21 KB 132ms
128ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/02-0124-0551-lixo-dengue-go.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925620b961a3140a4fbf38e5a03b68c2abbeb5c6959e9326612f66b421ed0443

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 19:44:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOJMjBPhePLp4XL0OhnItyEqOOfo7p2xH%2FQUxMu%2B%2Fsd59ZiAWD0WQXtWNxoLfOobS6as2RaNVijqvii75LA%2Btq9dtJSx%2FVXY2%2BIaw%2Bg2pdq6wPV%2FttCwKS2Wkh%2FOjg6Wak7AxDxV0l%2B2YhRJxNH6hXBy4YalfKhkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="02-0124-0551-lixo-dengue-go.jpg"
accept-ranges: bytes
cf-ray: 867ad55f693037fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21541

GET
H2 200 pib-cg.webp
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2023/12/ 10 KB
10 KB 118ms
114ms Image
image/webp 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2023/12/pib-cg.webp
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 905ea416df2028fb675f5a102dcf677a29fdfa8ba9611f89e81d4cc4984ce00f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 23:00:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIU81POHc1TFyYQ7xQSF%2FwW6zeqFN3rpQEUM%2BCsVUqeIrWmpoEJ3h4gRduV%2BL7rPKrmcqrAUMCTLSh2rlDdbbkW5GP5b%2BfrZpcQNMMEFf7AnB7yxZZm9Q%2B6Vp%2BkYtVUeUKXpI6pzxTnXO5yVPSfapeCyPnn%2FeWM8CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="pib-cg.webp"
accept-ranges: bytes
cf-ray: 867ad55f692f37fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10100

GET
H3 200 dsc06368.jpg
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/ 55 KB
55 KB 134ms
130ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/dsc06368.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca96e29125d7fd6b599b0bb96ee9c5f460a97722d92916089a4d7476272a5d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 17:40:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsglSKhkrWBZwS6LU9EMldUQPJTYohLsWtPs5tC0zjUws8J%2BimCkVb86mlu1cVVdfne%2BqBoF6tZfRsz%2BV1UwTKQO3IFBYN4%2Fwt6vDLEdysYvvKftenk1eJLU1cI8%2FiBMJkxebwP%2F5Ttcc9m3NZdGceKCQteZck1T0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="dsc06368.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d7f0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 56126

GET
H3 200 05-0324-0001-coletiva-rafael-tavares-go.jpg
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/ 17 KB
17 KB 130ms
126ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/05-0324-0001-coletiva-rafael-tavares-go.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4e6f7d2a6b0198996b74d34881525ec16d6d1d23aa19ea55741cff8cc8530e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 20:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2jVQd1aYlui39u6FOlb%2FEJAsrZ1NmioaUII0dJXQ9DOlFdmK0%2FP65KyGz1uWlZJg8DJa9tKEU6hT%2BpGJ16TakgvpqFOpmp%2FYbv8jBSaLEhjTej5SMLfANRjRkT0qjsw9PN64Arc9RxMaRI3KiVlGHux%2BOxeCEwYPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="05-0324-0001-coletiva-rafael-tavares-go.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d800e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16937

GET
H2 200 8603c51d-751d-4b37-89cb-fe2c5ad0fc99-13_2.jpeg
cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2023/03/ 9 KB
10 KB 24ms
20ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2023/03/8603c51d-751d-4b37-89cb-fe2c5ad0fc99-13_2.jpeg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63b8ede97bc962d12bfffc83cf2fb04629ad6d29384d8f468a91fa75b0a87236

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 00:37:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 82636
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Avi8OshUae0k6QdJBpyRLqnKu67TeKDk6OVu0WgL%2F0Dw7dIZRpq5lGlOtlWL1HCudHS4nmorDJifbYbxYbGsF2iIo%2B92cJqVzOry3pKUH%2F9I1dY1SfsraiI73PpXC8XEaPNr0PcPaFZ%2FiH%2B6P9wTGV6S9%2FZzA0Xwbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="8603c51d-751d-4b37-89cb-fe2c5ad0fc99-13_2.jpeg"
accept-ranges: bytes
cf-ray: 867ad55f693137fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9338

GET
H2 200 02-1022-0286-chuva-go_1.jpg
cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2022/10/ 12 KB
13 KB 22ms
19ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2022/10/02-1022-0286-chuva-go_1.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de34477d7b7a353650a22c1cfa24571f2ccd8487b83c22e9092194877b6f026

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 01:15:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 82637
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sX7uu0r9HQCAidJkg30bCOWU%2B9KgpctgmpSLVneeWU8BeHGD687A6gTzwFFoNHzV7vhkt6FgU2peegF3UIWpG13vnqSb5EgDJnl0tRH5OdbBqUYab6L4u%2Brw0rBA4kmLoVGdTRS5T5gY%2Fv2orABXZHEYzeSBTxNxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="02-1022-0286-chuva-go_1.jpg"
accept-ranges: bytes
cf-ray: 867ad55f693237fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12780

GET
H2 200 camila-jara-em-washington-3.jpg
cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/ 8 KB
8 KB 30ms
27ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/camila-jara-em-washington-3.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e74797f64d03c5e711604e36b050f6c1ff400dbb9550f8573cc3fe3e085fdc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 01:15:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 82637
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYr3iAYedm0FLREtKkYo5Ej4OvSpHXLiIMXo0BxmTreEH37Sr7lP1VP1CuxnoHEap8EQJLm4Zadb5OusDDfykbRyyFnIDf2f2EQExG%2B%2Fj4WWAZXS0sSSLcAsyk%2BMgenNN3zwvG74pNk9MDJwTbv3LZoHfIA%2FsveAag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="camila-jara-em-washington-3.jpg"
accept-ranges: bytes
cf-ray: 867ad55f692d37fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7888

GET
H2 200 feto-canlsificado-600x400.webp
cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/ 5 KB
5 KB 20ms
17ms Image
image/webp 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/feto-canlsificado-600x400.webp
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2cc30a09010e49fe57fa6b3bc667fd94d12fbb72b7dc4fc6ee8684535d4713b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 07:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 68752
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACqWfY5MfQUuJoxOzMKBQikZVL4SSsU97hiotol7cjYunFoHRVpteYxyKQ1qN2Akn%2FRMStRsOUCSJhDQHp2FBT2TW4RdyAbGbMRN8eY8w9VLM0H4mu6A7weTDyDaH98rVO%2Fyw5LK5NaGoJveFQbx300JKIQfhPIDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="feto-canlsificado-600x400.webp"
accept-ranges: bytes
cf-ray: 867ad55f692a37fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5070

GET
H3 200 whatsapp-image-2024-03-19-at-110718-1.jpeg
cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/ 9 KB
9 KB 55ms
51ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/120/dn_arquivo/2024/03/whatsapp-image-2024-03-19-at-110718-1.jpeg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590ad48f4ba01402a518d5b93ac45b5937fb6f2e9338c24371b381232fcc63a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 07:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66427
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKJ9M95No09Zki37nTx8CA0PWAkqgVa3wOc6V36lOSj46E2FO4Zvnz0IxE5JhyjQw2j80iaFzhE167r5TdMcKV2hato5mixEzS%2Bl3zftqY9hRE8YZxrAvgg0zF3R7XwlRDC47B43qquKFX%2FYHkUiwTXyWC%2FsBENfBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="whatsapp-image-2024-03-19-at-110718-1.jpeg"
accept-ranges: bytes
cf-ray: 867ad55f9d810e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8781

GET
H3 200 mega94.jpg
correiodoestado.com.br/application/themes/correiodoestado.com.br/images/ 44 KB
45 KB 143ms
143ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://correiodoestado.com.br/application/themes/correiodoestado.com.br/images/mega94.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9bd7e36e502a1852269ecd4594c7a7bfcf7337869809cec23d1e74c5e903495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://correiodoestado.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status-h: 12872
x-status: 1
alt-svc: h3=":443"; ma=86400
content-length: 45554
last-modified: Mon, 26 Feb 2024 20:41:29 GMT
server: cloudflare
etag: "b1f2-6124eef2bc742"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zFCe3iOJsvCDBq%2FCcsUZ0dSzNQopebKUPBmD%2FaiBPiUfxKYZgDPFO4GCOAKxgqiic37TIX7Y7vah3kZGigtUi0zTIk78kEs1A7SwOjrW65%2FNgjjGi%2B0B8SW7F7p0TJIp4GT2%2B2e%2BUvP00d%2BS4icr5vrxZKt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000,private
accept-ranges: bytes
cf-ray: 867ad55f5d4d0e68-AMS
expires: Fri, 05 Apr 2024 11:42:56 GMT

GET
H3 200 tempo-seco-mv.jpg
cdn.correiodoestado.com.br/img/c/460/620/dn_arquivo/2024/03/ 41 KB
42 KB 129ms
125ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/460/620/dn_arquivo/2024/03/tempo-seco-mv.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb7e7a08e9beef86a9bcc623216bed9df694c1ff20f4a743d157dfd3f74947c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 15:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bziaoji%2Fha2r%2BtgoWgz%2FfHXaxYAqFSBhpI%2BR5G2cbcjHphpialvhFAVYYl%2FsXuOzsQGAVNkehqFF%2FKruDOV7br7GXDB8TAvS5%2FhmA0z1Jk%2FUjqm9zUChEu%2BYxmNVAtAdB0EIdFtv3KO1t2WwMSNRC2XwUg%2BGtdCDUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="tempo-seco-mv.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d820e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 42473

GET
H3 200 design-sem-nome-87.jpg
cdn.correiodoestado.com.br/img/c/460/230/dn_arquivo/2024/03/ 20 KB
21 KB 31ms
26ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/460/230/dn_arquivo/2024/03/design-sem-nome-87.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1568186ba17aacd78ff41bdbadd5ee696a220f5962b47affdd28f123316c7fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 14:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18403
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGQP7hV6d3MURDUR3iFQG4ALYzHoeDoT23gAjmdqvaBg8TYcm0ae7HDdxzgJ1dLLOLst5oaDkGFtE5mB2D0bxnW4c8Gb2Uh0T5IvFTUvt%2BBmjnIdicz8J6LTj7hYCzmn5xgrPxVjF9BYLOt8HkTmtk25EJ3cJrfQIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="design-sem-nome-87.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d830e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20829

GET
H3 200 02-0324-0240-br-262-go.jpg
cdn.correiodoestado.com.br/img/c/460/230/dn_arquivo/2024/03/ 36 KB
36 KB 56ms
51ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/460/230/dn_arquivo/2024/03/02-0324-0240-br-262-go.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b9a23d1d13dfabb89d12a0c2573cb92758b793118bb9b3327ce645a0900b67

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 13:02:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fr7nHtKVURlBWIeydSYJZrSWoMscaQJt5sOuSukT03wHrwXKesG3DDtymOz0bmY3u0XMcTgL1FEMwK9BeGo2FCUWqBTqR0dbxiMiZQNdOgvo4UuKFm%2FI2EM8LvzH%2FlvlDkSyngyq4qaBX4x%2FmEfqVgNLSsjD6pVOdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="02-0324-0240-br-262-go.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d840e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36528

GET
H3 200 robinho1.webp
cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/ 1 KB
2 KB 124ms
120ms Image
image/webp 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/robinho1.webp
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d395c9161aca1e01d63e152adf3c3c5a46dc902122b969535f1a8c57207e50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 21:55:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U48eXVZCNvn%2BPdZHqfaAV0QTFSxZlinDl6vyJx5neUiTByxhonGOQKmeq09HMPSsG%2Fr1e%2FZxgnqjngrSn7pLm1nw%2BuhtvgSTLN5u%2FjV3KkyVspWwqEhmpCcyUruNvKdPMS5AtzBlKKmjMbi58r0jnbDBexMFIZSwDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="robinho1.webp"
accept-ranges: bytes
cf-ray: 867ad55f9d850e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1224

GET
H3 200 pantanal-tempo-foto-bruno-rezende-10-scaled.jpg
cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/ 2 KB
3 KB 58ms
54ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/pantanal-tempo-foto-bruno-rezende-10-scaled.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff1306e27b72a6f2d21146394db565262c8fd9aba12f647d9e2a8d2f2de13ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 21:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18890
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fhDd7Dqa2ZB5cd2G%2B92%2FDcCMbPUawqgWJZ%2FLixsZh0qgxaLGuab90jm3S%2FMX9SQfB993LeMvizdJm7jitWXkn2Pb58nVU4ht1GBRkRWkGMnPOjuLXxRQwUgOZ8ChxAFSwyoSgsgZJM%2FFIdCXk6RJvJK3DN0WvvxLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="pantanal-tempo-foto-bruno-rezende-10-scaled.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d860e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2039

GET
H3 200 ronnie-2.webp
cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/ 2 KB
2 KB 128ms
124ms Image
image/webp 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/90/90/dn_arquivo/2024/03/ronnie-2.webp
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf8e94ca3f1f5fa27746f07d0a396d273b3d1affcc74e7acc28eba7c19d4304

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 21:24:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMO8qhV%2FUKMYOVQvf3Mt2sUIVkpdGYUHhuJlA0n21oUhUAMBaD16YRjhx2t0tpf%2FEj3Jqpwe2ECiG2i1dFWCFo83WVPBn3QBSCQqXPwLw9b8z07HSyGAjG85iEjMiXbQBjVLNtWdQBmAoFyL2FORyfQrRXbGnejaug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="ronnie-2.webp"
accept-ranges: bytes
cf-ray: 867ad55f9d880e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1672

GET
H3 200 michel-constantino.png
cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2023/12/ 55 KB
56 KB 32ms
28ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2023/12/michel-constantino.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c86eb1a9da0fc49c3359d1b078629a520d568127869c422a9089af6c747557

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Mar 2024 18:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 628411
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJFqurcQZEeEF1q6I3Wldm0puvbJ2FU4Cr3u9SzU4NnV%2Fsm20DbO5V43plOKspztTXfeWgIuWzAEAzYq5bWdL40SlnJIQJROO1eW2HX0ZzIcJa1Khvc23PWtOE10pTfrB2g9Rf9nKbG3XZoyebdZKQ35x69AFy6zXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-disposition: inline; filename="michel-constantino.png"
accept-ranges: bytes
cf-ray: 867ad55f9d890e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 56652

GET
H3 200 juca-kfouri.png
cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2024/02/ 54 KB
55 KB 62ms
58ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2024/02/juca-kfouri.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebfff462b279df4dd98d0749e12c026a3caf744ca103997428e2ca6563b5050

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Mar 2024 18:00:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 632979
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3azhy8tg5iZcvQmB8bVu2iSRO4V4kEGhWQtOuc3pPve92Px4xR0IrHFhkMuMtcmZQ3IB1%2BPynV1%2FJg%2B4aXY4URslKLY%2FU5RPBISfteQVbYMckfD2D58a0RpQ%2BXkadSGI5rKzmMK9nGT%2F4QRdCHihxSg%2FPzAJ0yY8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-disposition: inline; filename="juca-kfouri.png"
accept-ranges: bytes
cf-ray: 867ad55f9d8a0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 55747

GET
H3 200 juliane-penteado.png
cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2023/12/ 59 KB
60 KB 69ms
64ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/294/150/dn_arquivo/2023/12/juliane-penteado.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93859a19629d370c76a56632cd266fcecb04550cc3bcf7b4aed19d534117786

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Mar 2024 19:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 628303
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FR22VV7FWFN4xK2SF9szlhg6vS%2FVKkXUAOLjsAfAEKjyWBHPvcCUrvdK2O2KlYiOdnDvKvOUfl3Ear%2BBM7wauqo4ToJFZHR5b0FJUbNx%2BZRXkaEQh%2Beah0%2FD6cr8f0QeI61k62kvbdryVBF2oiV4t63DVkDR3bktg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-disposition: inline; filename="juliane-penteado.png"
accept-ranges: bytes
cf-ray: 867ad55f9d8b0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 60742

GET
H3 200 a-correio-do-estado_6.jpeg
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/ 7 KB
7 KB 74ms
70ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/a-correio-do-estado_6.jpeg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cf238f9f7b75d929c393d8f56a60c1b9b8da74d20bf06d78a15894bcdad501

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:45:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42402
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pI431k7LYDXPNho4h%2FcIgZbXXmfWSqdHhqFyXnRNZUD7G%2Ff3LLVz7Fdrex5QW8BuCY3G4MycbVMY%2FmABXtWot90GTKdtJgB1jXy3LwfSAAIHRA0LfFbzbMHQllwqP%2BWoXQ5s7JoeCkuPFiD%2Bg3OHkjUTKD62iz5HQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="a-correio-do-estado_6.jpeg"
accept-ranges: bytes
cf-ray: 867ad55f9d8c0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6852

GET
H3 200 claudio-humberto_5.jpg
cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/ 6 KB
7 KB 74ms
70ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/170/dn_arquivo/2024/03/claudio-humberto_5.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a67f4b480d9a00087e757fd7c1025c577bf3d152532eb4dcc806d5e5235690

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:33:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42412
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHBft4jt6%2ByQdRZ%2FFkVZMW3i1EXJdsAS2bpNdbDfCEKzLLDc4v7i2eIgUKoViYVoNZNgg2VHx4heC7nemycflbWk7Xy%2B9fTpdhvYCMwRsjIOUxIpVwYxYLlDPbnlG6CIk%2BbTSJcZbWVxp9T9Wj51uklJwPVvfdSBpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="claudio-humberto_5.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d8d0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6342

GET
H3 200 lula-e-vander-loubet.jpg
cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/ 60 KB
61 KB 75ms
71ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/lula-e-vander-loubet.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3710634eaa52e63fe0c574d0b8adf1a9d4bf78819793e818394e237dc71faa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42403
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeX73E5si6Uxh%2B%2BX2JduSJJobmaYfGqu0HwPr0btutniNWHJHXPsBwWTY8afbbiRw2g2fZxkry4nbm6rcFy44Q81k5%2FVHDbQAOAg4mpADUfUygiEOWKZcbXTrNKJnYUmPmkQgI0G4NozuRrK%2FvAsC1YeVjNXfmkoww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="lula-e-vander-loubet.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d8e0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 61592

GET
H3 200 camila-jara-em-washington-3.jpg
cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/ 42 KB
43 KB 84ms
80ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/730/365/dn_arquivo/2024/03/camila-jara-em-washington-3.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272f81d199550e922da3f9ebffcb38f62c7ae6eb784503695d05a8cba8d81d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2024 12:01:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 116654
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2ZXJTpTxw0gcxTNAGOgMeED0b1Pxr9mLGaDKcAjNJvwgdZZ%2FNS6UdYP3W%2FV1BUVfbCwmbIn%2FhiCTv%2Bv6NOP2aq79c5YOH%2BWQtsaiiX6ztgmAo7FwwUNyiXgTAHW9cYFj%2FP%2B818fg3xEReFlypU2F04cWdz2rXxjDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="camila-jara-em-washington-3.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d8f0e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43319

GET
H3 200 05-0324-0001-coletiva-rafael-tavares-go.jpg
cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2024/03/ 17 KB
18 KB 130ms
128ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2024/03/05-0324-0001-coletiva-rafael-tavares-go.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1237454e2f5e6b1f9f3ca7f1dc90cd57486230ce288ffd4f9364fdbf3fc73ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 20:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCsgegHjado%2FgC1Le1FWUR8phk14EdsV5m2tl26F0%2FA7v1040D6hdTEIlomvvoiZT7FznMgZcvkeOqR7nLBYzGrAARhGooYMT1nAtd4IDH6eTXVUAdFa3zp7BaRwWMnT0BuZ3S04vGIAqGruNNZ9eN3zSiTUaUA26A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="05-0324-0001-coletiva-rafael-tavares-go.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d920e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17786

GET
H3 200 imagem-2023-01-17-200901267.png
cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2023/01/ 92 KB
92 KB 132ms
131ms Image
image/png 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2023/01/imagem-2023-01-17-200901267.png
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e997d8eed4381414339f70c7beb72d614e4953c3f97f06cb841816182bd8d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 17:58:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LzQcMeO3erwvyKPDC0hyN8uZzCutMJp2l4QzjUH5LruGtfduoZnmdSedYcRuMyrB3SlkuSTkcBUUiRi7%2BB7Jw3VuxMqM6OTBMhnb7wwFlhQRkLdagsswTsHmTu83z52PRsJYhKIROyxnPYppPlEsBvfPDnSRBaYhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
content-disposition: inline; filename="imagem-2023-01-17-200901267.png"
accept-ranges: bytes
cf-ray: 867ad55f9d930e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 93900

GET
H3 200 04-0515-0016-titulo-de-eleitor.jpg
cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2024/03/ 18 KB
18 KB 83ms
82ms Image
image/jpeg 2606:4700:3032::6815:5681
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.correiodoestado.com.br/img/c/300/180/dn_arquivo/2024/03/04-0515-0016-titulo-de-eleitor.jpg
Requested by: Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:5681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ec375bb0fe47ac5297e206806d12c98d4259a3573291b30aa5a713a4ad96db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2024 20:52:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61292
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCjoKHJiv%2FWg7iR%2FZMCKfFTMoxfhUsGWD6hvK13tFoi3qwrJHCOMRWNaeSqs0%2B%2FdlRQhzfZ1yDbItal%2FRzvaf%2BZJEPWLr3D40NEuHYiAF2P08SiLdKHXrzLAk9jbegRX7zRaqMiiHkF9naFAJMU4LGDx3xdGKARVWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
content-disposition: inline; filename="04-0515-0016-titulo-de-eleitor.jpg"
accept-ranges: bytes
cf-ray: 867ad55f9d940e68-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17966

GET
H2 200 80777562 Show response
fundingchoicesmessages.google.com/i/ 23 KB
10 KB 138ms
36ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/80777562?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e217ca929041462aea2d6e57bf7161d02ce546e0b07ff5eef86a9a55d806377f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KBwDlL6zHrsSLNqvQhECQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-KBwDlL6zHrsSLNqvQhECQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDMfPiu_VsAgd-t25nAgDX5TF9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 298 KB
86 KB 16ms
6ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=b18f57741e2db611eade62b6f7849fda

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30d560cf2957049a53bf04ff25fe18114d6457d1550efd13f5738823b848015d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://correiodoestado.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 03:25:13 GMT
content-md5: Rqk9160K/pzkBYLkJNofmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87251
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=21, mss=1294, tbw=6372, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: KLsRkz1lRbDPcVPtzKyw6Y81TkFpWt5fd5WeksVwEjaGbr6wG94BVa+9oPQQ6SZRsHN/MZyNrEcfir9vLcjoWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e1bcfa898bee80635dcbd55803abf0cb
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b278bfe6e3de036483d33fee987bfb57"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 21 Mar 2025 01:41:07 GMT

OPTIONS
H2 200 consent
ap-adserver.igaming-ap-service.io/user/ Frame 0
0 147ms
29ms Preflight 54.170.183.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ap-adserver.igaming-ap-service.io/user/consent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.183.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://correiodoestado.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 21 Mar 2024 03:25:13 GMT
server: nginx/1.24.0
strict-transport-security: max-age=15768000
vary: Origin, Access-Control-Request-Headers

PUT
H2 204 consent
ap-adserver.igaming-ap-service.io/user/ 0
0 47ms
46ms Fetch 54.170.183.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ap-adserver.igaming-ap-service.io/user/consent

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.183.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 03:25:13 GMT
strict-transport-security: max-age=15768000
server: nginx/1.22.1
vary: Origin

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 256 KB
67 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/1efd6be9-5844-49c6-9d00-aa480c239998.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 510c537007a36e1480396bae494d41bcb5b64d04de7e3915f3c5faee4d000377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 7037
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 15 Mar 2024 20:04:02 GMT
server: cloudflare
etag: W/"36540d0eb17e9054a7a4c60527f7eed0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uBS%2FpjCo9L2cuItQ%2Fi3qEHIyGIKtiuyiYciNR7eRRJbrtT62bX663fk3C1E%2B%2BTJ3liaszWp3ViiPARvzMQachDGt7ZV2qS%2FgRlzJO4xCz4cgosy5D4TYOf%2BbgpGfedhijVsGxfwhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 867ad560ba881999-FRA
x-amz-cf-id: _r8zMccpi4DF9CkghUQ2PAHA9V88m5h5t7GiQiPiZB3LzwYQSFn3cg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1420794-71&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 01:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5825
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Mar 2024 03:48:08 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BXGB68T2MJ&gtm=45je43k0v891373032za200&_p=1710991513440&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1296022164.1710991514&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710991513&sct=1&seg=0&dl=https%3A%2F%2Fcorreiodoestado.com.br%2F&dt=Correio%20do%20Estado&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=960
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BXGB68T2MJ&cid=1296022164.1710991514&gtm=45je43k0v891373032za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BXGB68T2MJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 38ms
17ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BXGB68T2MJ&cid=1296022164.1710991514&gtm=45je43k0v891373032za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=85382049

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 323 KB
42 KB 410ms
386ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=331617907180490&correlator=1571472819500459&eid=31081517%2C31081980%2C95327799%2C95327886&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=80777562%2Cnovo-layout-banner-regua-topo-970x250-970x90-300x250%2CCapa_Topo_Lateral_300x250%2Cnovo-layout-banner-regua-cidades-970x250-970x90-300x250%2CCapa_Editoria_Cidades_970x90_970x250%2CBanner-area-de-Enquete%2Ccapa-editoria-politica%2Ccapa-rodape-cotacoes%2CCapa_Popup_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=970x250%2C300x250%2C970x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1710991513772&lmt=1710991513&adxs=170%2C1130%2C170%2C1129%2C160%2C170%2C1130%2C0&adys=251%2C371%2C1550%2C1756%2C2846%2C3704%2C4001%2C5158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcorreiodoestado.com.br%2F&vis=1&psz=1260x90%7C300x250%7C1260x90%7C301x250%7C1280x250%7C300x250%7C300x250%7C1600x5158&msz=1260x90%7C300x250%7C1260x90%7C301x250%7C1280x250%7C300x250%7C300x250%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&dlt=1710991513024&idt=483&prev_scp=refresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent%7Crefresh%3Dtrue%26test%3Devent&adks=4068051353%2C594300009%2C834477008%2C425584047%2C1352343397%2C839444603%2C2066448455%2C908174677&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5edfdd5c3168f686e026de36429f5d3bb2216ddf2447ce2613b68654f60fcb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43014
x-xss-protection: 0
google-lineitem-id: 6676041356,-1,6494172694,6494172694,6217517741,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138467865269,-1,138461739360,138466997420,138447793733,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://correiodoestado.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B07A 6 KB
3 KB 91ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 03:25:13 GMT
expires: Fri, 21 Mar 2025 03:25:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
858 B 90ms
17ms XHR
application/json 57.128.96.95
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.95 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://correiodoestado.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 34ms
24ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test=bc

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d0b33548817a7dcae4beb37258951e85e51c22d4b937c9369b23ad1226aeca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51076
x-xss-protection: 0
server: cafe
etag: 3644963775199610243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 03:25:13 GMT

GET
H2 200 1efd6be9-5844-49c6-9d00-aa480c239998.json Show response
osp-assets.pn.vg/ 784 B
1 KB 58ms
19ms Fetch
application/json 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/1efd6be9-5844-49c6-9d00-aa480c239998.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a83935554c811295bf724df7c5737750750bd0c5819a548366ceebf2287976b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 08VF2NDKSCRSY2AP
age: 26891
x-amz-id-2: FOLm3z6CEGHPMtUgVZpeGeInjbacF6KN6T6hDc7Y3SHfM0osrnjibNkSZIq5sG8jYF9ufCJaukhL0BJ92UUV5dw/jpzrkMtKrgrkdOngLt8=
last-modified: Mon, 24 Jan 2022 13:57:53 GMT
server: cloudflare
etag: W/"772a1deaffaa22b8a1c8b6e8d13f0e9d"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTHYznE%2FWGpStFIOb6rLkw8eYYehlRLLXys9XHDnafEsOTICsfoaREIhJFBdAXloVj61KtqhpiwyQBALGybrUk%2BW8ZPR5XzKvIhlYiBMZMPoeJC7SbptV%2B%2FqUNZzH8YL7Kis6ZkuRgpV3d9PSKk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 867ad5618b460858-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 16ms
16ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=525555887&t=pageview&_s=1&dl=https%3A%2F%2Fcorreiodoestado.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Estado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1370893285&gjid=525101529&cid=1296022164.1710991514&tid=UA-1420794-71&_gid=161668464.1710991514&_r=1&gtm=457e43k0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1715111873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test=bc

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cdd1051b39adbee974061cfe2294060d42aed1ddf0fd777a957ae14be6e1643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51076
x-xss-protection: 0
server: cafe
etag: 6184805348921127086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 03:25:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1420794-71&cid=1296022164.1710991514&jid=1370893285&gjid=525101529&_gid=161668464.1710991514&npa=1&_u=YADAAUAAAAAAACAAI~&z=575223513

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Mar 2024 03:25:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://correiodoestado.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 38ms
17ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1420794-71&cid=1296022164.1710991514&jid=1370893285&npa=1&_u=YADAAUAAAAAAACAAI~&z=406705994

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1420794-71&cid=1296022164.1710991514&jid=1370893285&npa=1&_u=YADAAUAAAAAAACAAI~&z=406705994

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 412 B
566 B 81ms
25ms Fetch
application/json 13.95.152.229
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 03:25:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

POST
H2 200 ads Show response
ap-adserver.igaming-ap-service.io/ 213 B
378 B 50ms
50ms Fetch
application/json 54.170.183.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ap-adserver.igaming-ap-service.io/ads

Requested by

Host: dtokw98w8oklz.cloudfront.net
URL: https://dtokw98w8oklz.cloudfront.net/build.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.183.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

853d8f1bd85e395bbdfb1b01d17d17f238c3100393afcf1d7430711f5f391525

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
ap-ads-referrer: https://correiodoestado.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 03:25:13 GMT
strict-transport-security: max-age=15768000
server: nginx/1.22.1
content-length: 213
vary: Origin
content-type: application/json; charset=utf-8

OPTIONS
H2 200 ads
ap-adserver.igaming-ap-service.io/ Frame 0
0 29ms
28ms Preflight 54.170.183.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ap-adserver.igaming-ap-service.io/ads

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.170.183.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-170-183-180.eu-west-1.compute.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: ap-ads-referrer,content-type
Access-Control-Request-Method: POST
Origin: https://correiodoestado.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: ap-ads-referrer,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 21 Mar 2024 03:25:13 GMT
server: nginx/1.24.0
strict-transport-security: max-age=15768000
vary: Origin, Access-Control-Request-Headers

GET
H2 200 container.html Show response
82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39F8 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 03:25:13 GMT
expires: Fri, 21 Mar 2025 03:25:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0C5D 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss04nKKK_PbVgzB3HwEbE0IGEH-a1nK5S6un2DEB-zupUtbInnx6rZQxBBBhA5TzYCDjwAVRO5r1zYgZKp3hrsCyn9UNVoBJr6T9noJq8xdmwazeHGaZhdPjTbD_jSxelTHhyBmPSfdDAsCAe3LV6lYlCRC7-J_HTsHAJTlPrNbfJ18wfSLlyp7YS0w6pgE5amH8yxMgEEzvNpOSBa8LYovUrJYKp-WufLjk9zgD-wbFc6huhfZXPZ-_tLYe4kRytNuusYtsxEAgpe4D3XTPYJ6Xe0KXpSDUzqMetMkUKlxdLC3335Eo95vnOQKp2LlCLkTko4pg_8-ubDTCn1cTICy24yNn4HXE_rzKHl0AgSxfE4lBGNCDQprKcvT&sig=Cg0ArKJSzEtIc6OsfPd5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 0C5D 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 0C5D 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0C5D 206 KB
62 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 6483553323240866476
tpc.googlesyndication.com/simgad/ Frame 0C5D 65 KB
66 KB 36ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6483553323240866476

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7807281cc69741dfe420d922345e84df11205a6b84c657c86b12b619d90cb79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 02:37:16 GMT
date: Wed, 20 Mar 2024 02:37:16 GMT
x-content-type-options: nosniff
age: 89278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66595
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 21:34:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 container.html Show response
82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B5F 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 03:25:13 GMT
expires: Fri, 21 Mar 2025 03:25:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0D8E 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss95-avbyO6yrGzb3KMqOtlo7nwS6A-0jbvU48imWxsDkJdbjTyVK5iSekP9Ap7W2pxeZM3y1d4G3GgrNnsG7LPwgvywAgGj549dBWCvlC_wRZF-b76Kki6y6YlMTUGq5F291lM5l-CYaWD4BPNUUo-6fDEcPxaAtHOr3qat3mc7KRb15WxAuDdPFKUgaALPZjuG4IQTtj89Q2fajBy4kjWF5Gac59KdcBGEQHu0FtxA9-VQUyPpyWGJ2NnSN1VIRmpvmypn-pRY-rKVaGe2o9XJhQ__lfPiw2vRrH9GUQdl9wUPTTXbqmvyVMArQUhO__wWmznt6kXoIwuBKVbSmHvuNY-E8a1SgpgQE4SfCxIUfyOZVaYdSebZyMdsuTTalsHo33AoLwLalFOvaZ7iMUzwwrMgiS9ltXDjz3UVqAB&sig=Cg0ArKJSzKu1yQJWPgONEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 0D8E 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 0D8E 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0D8E 206 KB
62 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 16510449423666130660
tpc.googlesyndication.com/simgad/ Frame 0D8E 72 KB
72 KB 35ms
24ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16510449423666130660

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d060548859badbadde9c6e3326252c078a7d2cf70405f98d83c2599bc463c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 08:04:01 GMT
date: Tue, 19 Mar 2024 08:04:01 GMT
x-content-type-options: nosniff
age: 156073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73488
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 19:16:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F573 0
0 45ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsscAHsRc2vXr0jaDI7cgUPGK4OUYRz4YkBKWmT8OlqPXKxpFdSLjubTIjSKOzQjheObte4iw1hbyvjHgiKAn-wVUwbaeLkJIqz0nCeBSVYx2FYt5T5Z2_CFYDDR5stklr4puSPcZrdWVMe8P3QU0-zWNhZCVrPv9AYKTRkZuUVKefxT99fkCYl8hF_9kLris_U7YDpOvD4YxIANe3Iw5taRRkw2t6RKFxtGrNR1RE8qKdRSv39ODliwTBNVG1Vc5um94_2_62b3VZtgtMrjqw23Gl0rYaiPKTRPnIeM2K-J43FJLn-2_z9b7tPeerD2iclISmLmPL31LV4UDxavdWqvbDKQRliEuR6lMYGoqKwZoQW95FCGYFWHdFqGOkvvlTEyj6QblSFbP_OYIRmRTfCFOIQ3EmxqlF2UByKLDygmg5livdReUWIi7N76FL514w&sig=Cg0ArKJSzEBTdwJrJ_55EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame F573 23 KB
9 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame F573 3 KB
1 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F573 206 KB
62 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 15469062962746576626
tpc.googlesyndication.com/simgad/ Frame F573 34 KB
34 KB 33ms
29ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15469062962746576626

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

565b549c1c5ad7106d6f0d02171a6d7548e017247986c2ab7333a4ee9d166299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 02:37:16 GMT
date: Wed, 20 Mar 2024 02:37:16 GMT
x-content-type-options: nosniff
age: 89278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34389
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 19:35:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 405E 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsubtWPUIb6z-Z5Mwo84--8KdFKS8JVWG1RvUVKFjeeA6OM8czFaK7WS_YhxhffhMm-AceV2vp5MRsPFde2DWj2V5TxcSxMDk3P4_61Sz94kbc4TKz8UpWnhr7eqbMIP9i-Rr5JD5ADmnHUhy5b4d0iUtK3uRv23UaXCN9Tg1FqagB2fCK0qWZrkjGS51yKLQtwlHuJhX9xY8vEi5g5EdWVCzkSjkXpsrLFwQ2O_1FL7YKMOOGyL3M3F0mnfQRpf2Nja6CxSnH-IEkHM7SP5Nj-iS7J209ahQn-dvCI2CBdBpSs4iu1iN9RfIrwWhY_EIwTlnEUIMn2v4c2aW7P3w79RwHuePPpTL68qaqR_00Sy3Fa78ZIEFIEJzW2CdzN6Wc-km9LIeaTR9xgdBYcFjsIdP-qchF_Xv8iLxc4NWg808w0Ki3f-LlfGN2x2NQ&sig=Cg0ArKJSzLSAsYZgF7xzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: correiodoestado.com.br
URL: https://correiodoestado.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 405E 23 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 405E 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 405E 206 KB
62 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 7450449052247092128
tpc.googlesyndication.com/simgad/ Frame 405E 55 KB
55 KB 37ms
37ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7450449052247092128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e55ab0244f1fdf122faf1606280c6c3627616cbced15ff6a1e536df58b08d43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Fri, 21 Mar 2025 02:43:22 GMT
date: Thu, 21 Mar 2024 02:43:22 GMT
x-content-type-options: nosniff
age: 2512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56450
x-xss-protection: 0
last-modified: Tue, 12 Mar 2024 22:41:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0C5D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f97d7601dc2a49c4b81a6d11cc3378f127697a36056fdb0e7471ebc5b47a9ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0D8E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6a3722c81f36f240e3508eb3b42251653c8271ed2a541c2dc5981e10535417a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F573 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2361122bdb26f7995be360ae57a3050771f06941a95d76cced4c836a46c22a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 405E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d87d09c430db949193d3b7cc94e7bf88f093117bb4071b03a2d96bc34eae52d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rtb Show response
rtb.ads.travelaudience.com/ Frame BD6F 7 KB
4 KB 125ms
24ms Document
text/html 35.187.184.108
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

64a01b2d310693f457fc4a268cdc1259c8379bf814ce7ac84b69b6a2d1d9b21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 03:25:14 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-engine-version: 0.0.0
x-host: deliveryengine-rtb-production-67f7fd9545-bq4pg

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 39F8 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 39F8 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:28:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 39F8 24 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 06:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Mar 2025 06:51:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 39F8 206 KB
62 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 639E 203 KB
59 KB 143ms
89ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfuomQAM2hoEvwMJAAELU_bl_ZjmW6lH765wcQ&u=%7C6blkxjPQaN74TtOfMThcLIyhtmAwYFxHPF17LzPC940%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9UMMt-GH83vF3umFfnehlVrp4KkE7DC9I2kiOP39zGMPwWF6e2xczFmSVWg6I2XC8wbq76JAA53sqoNm7bmM50KGQ06jl1opxM1X6XQf4bQNPuB7y_J_dhCOWykCz2-S4Nu6Jp2oUNXHh3t8-WN4B1Haevl1pmAE30PclGbte21U679Da08jU6KzeAIuPiog-1Xtc3ffGaYdUW3rlFAgnx1lbrPyW5zuRvGrplrRBwj8aF8MS8yVWWeoXgYmjpVRQJ2tR_Uf7OedtyGn0XqGG1DCbkBob20PPh0gVFhaA8aL1KlHjeh7p7U6D1z2iUpqVjAGQ7dr9HSonCo469yXqyRn6g4R1Kdx_zp4ToHQKaWcW7lMbHEMMHGH5t3dKkc240pDa4cl55MtNvUg_5W2_nK03dbM3cj_6Ngla1_9UrMI931ZS9-mmeEMkCeu5u0-GIFyYA5E73rfMscb7EUs1AO9zVFrqA6zFiun77Ihg23_XRFckv22qGlIYJDyN4KHjs8XA8VhDIRl-Cy2VyVpFidMF8aJpXo1j4cu654h9BQ5kLrAbYHfRTDdba-MSL_4JVj1hdstkAow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHh4maj7ZZq0M4mG_NUP05aEqAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTU1NDkwMzYwMTYyMzcxNMgBCakCzZ7FXaVTsj7gAgCoAwHIAwKqBLECT9CGOZZZjngH9yD9leF6L7ujyL_z0nlkzUsNORT6crrNtF6VSUnKdgaFgKw06i-oWauvkTm_59eMWbsC-gv89lEv_6W3JtyVxsQ3zMC2v5tcXfrgtwcg1oo8dIlQS4bKNJD-nopgaPbbdoTXMMkMKrt2xbqe594IBgp4LK_oJXtLTKQS83pAepNU4_MqQf14O14fLurjAhbJLvLg92tzPBqD_Y-3FSYubt00CQkDrvvhNOzXYb6fkfGukoyJ7kftljhcnZkAygvagodnkmDfv00lvLCQxNwBXtmd0TcCVNXHWPIjZmSlrx4fmlfr4iza2EXmHyvJFYEBttfO1abGwvZPMak_8MtBhV-L_Z5YDXRl50AIQUIQz68kT_Fq6pt69c2hRr6_vdRDr9Ep6b5PMf7gBAGABpSdn4jlqdXJtQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljbo5SLtISFA_oLAggBgAwB4g0TCL3nlIu0hIUDFQkDvwQdUwsBVdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03D_6Q93S9Qu5g78ReopKB7ZgWJA%26client%3Dca-pub-5554903601623714%26adurl%3D

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

48fa24866de016b2f870a9880b95075d6fc9508829ccee734e0485ca299cee9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 03:25:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YxwVgEDG9dqwIym9LQInu9GQtHVI69TMcsyH1KGf5w2SbUeKbbazMN6VqbPMMS8Ao6SiV7sw9pBeFZK_zTg32UXeSlyvhZJ3zbNMHhY_HPgs4i6ZV715CYVXqNFzJTODXaBNEXChHn97uLv-LPuLb6OoRUGofnCeqYT2fumILXCza8RG45jjAlBg6lce2n-4uxHwvnqnyQG05u5jdiJLJ1Bbrx1PQyrHkPgYuNeAPOvM22DADG-3aK9BJCo2TZ-7-inmMQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74240279
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7B5F 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 7B5F 20 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:28:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7B5F 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 06:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Mar 2025 06:51:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7B5F 206 KB
62 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 04:03:19 GMT

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 0C5D 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst1gDfEZIe1NbRLLqznRTMIrSrq6WD6aks6_0AsedwCNnN6bYkThE7H7JPcvg4GDMhu-aBY_cO5xe-pyiZPxF5WME7Tm_93wGimaXMbwglBz4vRzjdofQbdBgzchauEB4KM5xKXbGuOvSIr2FUuEywdoc1JjHGFzmw6hU3EIOCX1ddx8ElR-eKEvO3i2PrVjU4DGU0qzaD8tO7g3Qn3w-yJoCxJUuGZF5cc0j8SJzYpEvuZl3a4rNMplu2uAAqqbMock4gtxEWTpgfjvFw8TckA109XwvuQwUqANCJsqphvpA8Qd-qrCgI25Y7BfWhFfv8U3Bgman_r4BjoTp1UxBusDHk1nMq0GtbBXJ8CdvzZox8zK7IFGGAEz4W7Gs8&sig=Cg0ArKJSzKiAgC6qZTQ-EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F573 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssnumOTYjujYa7jyL3OEqyeGr9nmGmYrRf-CgpTYpoe5cpy3gKIoCFXV-2Hoae9lKEnhvmZ5mAimjjrv_7aDNK5Njzk4x2Lij1Szyi0Gbrho9dY9fmsLUH5mehkPeIfYGf6fcLeCbVYzl2TQnmIBK37mkMA8FAysazgPNqJKX1f6Jvw_ThEfGQe-DEQiaNHt-k8z6-lOjl2Thj1WirNOxPRAokTSwMAMopXTHLMOED5Nl7StlNg7iobwxPyotiZ4aAXe8gojXMFlRhAGWvT_UsT-KD3y7kKdCbDuG7TGiOSG_H6jITQ8r4vQU9rGi2ZaTRI5aMSPpJdQ80Edv4BPAzWKSouwGQcwyeDB0hUxwYVcrghuSo_EkLPO3q-JtbZ_Gwg3HTiAyfpaTiPlmcvMLGzq4JEuUJ8bZda2mD5xx3Ao6JfvyBEUXZi6f17RhtUItl8&sig=Cg0ArKJSzLhB8Gyfly8bEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 0D8E 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstfoxFRQKGn1F_3vEw19Jto8yv0dVczOIhuti3lWk81Pm5qnFzi2P_AlmTYYLhZRXXR_d6_QnkbgnrkFo5fHAwYvjl0cSBLZ4WiH3jL3rqiT65p6CxMW6iDT8Aof7bL-czctgyr28nxmyrtIuBHSzvmtqpPHF-4fZkbxU9PNFIl370pY62om07G8jH4kUkehMut7kjksicYAan3LPXjz_oWZCf-0R_jtYpQOaKQqNf6mydzcY8LoH6kZnfK93l7driiMhieqWDBWTv8yWYxo7xe8jzLRZ6I-z5v_aCcdIXCQaCxVXzzJYYaz-xguKdCfIUGiA0KMOv4wCuxRL20__Wl744n8-BKsNn5E6-t1Uki1i7MzTK1uGgFF9OQ0vfS3brKyOmCePMJy_4oeJCW_RGCD-IdyWFDsS109JTqHx2Z6qE&sig=Cg0ArKJSzKY2BGAoZms_EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 405E 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvl5EIAfsqNARZS8S-wBlR-cSDiHTVOwS_RfeFjKYMVhMK5DPmlX2tTlELoWwiHBTg-7VRbPMTfm-h95LkT_RGi55iv4eD0760XEWx34V1VWsDsKXEBB1BfAvUIRP8x7jH0k45x_lEbyEZ3a2uX5ayF2XvJf9NyIRBUFHDrvOklOAELGzW9rN_ZQx4OVQOe2qeeH03qkVSaLYbIPoPru063fwxVx1b-PN_YcrGt-KBZ_euhPc7YkfAv776mvNqISFd_9rnm6NuVwDvfzQMcuAWOqpC3SG1Dmzq2nyIziYenXy3_QwNPimC_s0HcGsvSoIWpbLAwNTM08ELnD4eZn4vrOIyxvzwyApIKZMvwiLxAFALuV0-nSOQZZxId3iIm4aUL6ivwKt1Wk7f-Ixj_oPpITgVybXV4EalLRiGtXbNdugYWswKFd9pcEbhsj15u&sig=Cg0ArKJSzKjYG58DAw0gEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 39F8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41edd57ce03d00eca0e5aea5d5b2bdf0037ef42d67ed70ec48c5bfeb55f5dc04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 39F8 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CzVfemaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSrAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4JxPns5n2uzH-IHmNKIFmf30wno-OjuIzopXnh8HjsGahCbwU2tz84AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQOACgH6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwGyFxwKGhIUcHViLTU1NTQ5MDM2MDE2MjM3MTQYmqcV&sigh=_-YuFHlQmrk&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by: Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7B5F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b1273c6c6050b63577aeeaf6249d9f8ad01424010791ae3e5c89bed2214148e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 el.ashx
ads.travelaudience.com/ Frame BD6F 631 B
754 B 57ms
21ms Image
image/jpeg 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.3483425570111781&adPos=&ai1=1%3B1000411%3B5%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60015625%3B999%252c1%3B%3B%3B2%3B4%3B50000055%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70020435%3BmDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-74ddfd7fdb-5nm8t&bnr=0&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=300x250&gcpm=2427357&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=01&sc=&site=correiodoestado.com.br&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=1DCC4190-252F-463C-B9F3-A08EFD17F476&view=&vrt=&vw=&wp=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/jpeg
x-host: tde-deliveryengine-production-86d8d8dc57-4gngn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 300x250_Dubai_Family_DE.gif
static.travelaudience.com/img/import/Dubai_DMO/Family/DE/ Frame BD6F 184 KB
184 KB 57ms
7ms Image
image/gif 35.244.170.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.travelaudience.com/img/import/Dubai_DMO/Family/DE/300x250_Dubai_Family_DE.gif
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.170.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5be8e22106715ad507de3e48fa79d1b4a86e22d0b1dbaa2a90144fe7f6149c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:19:13 GMT
age: 361
x-guploader-uploadid: ABPtcPpvvVOdvUgE4kSqkYcOI_cwmfSYCXQPo7jAmvlmgzOBT78WsizJloyTo51d_wkgWd5FcCM
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188295
last-modified: Wed, 17 Jan 2024 09:11:02 GMT
server: UploadServer
etag: "e2f463f40efdc32fbfd26685d0f4882e"
vary: Origin
x-goog-generation: 1705482662298320
x-goog-hash: crc32c=cwDGsg==, md5=4vRj9A79wy+/0maF0PSILg==
content-type: image/gif
cache-control: public, max-age=3600
x-goog-stored-content-length: 188295
accept-ranges: bytes
expires: Thu, 21 Mar 2024 04:19:13 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/travel198849194933/ Frame BD6F 335 KB
113 KB 37ms
7ms Script
application/x-javascript 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/travel198849194933/moatad.js
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bf880647b736f1922d55d9223da08fdce304be1649fd1d6665d2fb2d694b3394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Thu, 21 Mar 2024 03:25:14 GMT
last-modified: Wed, 28 Feb 2024 12:15:16 GMT
server: AmazonS3
x-amz-request-id: P9N8PH8SBWNF70K3
etag: "4bbb31f7f93e96a25478c96585055b8c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43960
accept-ranges: bytes
content-length: 115786
x-amz-id-2: XfMuQ3eOGld10g1dLNCcNZExcEN6r187viBv0NDrES6i3meoZ6jtjvz171UdAvWf7BmHlcBh9nQ=

GET
H2 200 creative.js Show response
ads.travelaudience.com/js/ Frame BD6F 56 KB
20 KB 97ms
72ms Script
application/javascript 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 42cf93814890dafbe9fe325e92f26b963793cee6b9ed106ff78f47717c5134d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: public
date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 20 Mar 2024 14:27:34 GMT
server: nginx/1.21.6
etag: W/"65faf256-e1ba"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 03:25:14 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 7B5F 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/adview?ai=Cd4V-maj7ZZq0M4mG_NUP05aEqAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTU1NDkwMzYwMTYyMzcxNMgBCakCzZ7FXaVTsj7gAgCoAwHIAwKqBK4CT9CGOZZZjngH9yD9leF6L7ujyL_z0nlkzUsNORT6crrNtF6VSUnKdgaFgKw06i-oWauvkTm_59eMWbsC-gv89lEv_6W3JtyVxsQ3zMC2v5tcXfrgtwcg1oo8dIlQS4bKNJD-nopgaPbbdoTXMMkMKrt2xbqe594IBgp4LK_oJXtLTKQS83pAepNU4_MqQf14O14fLurjAhbJLvLg92tzPBqD_Y-3FSYubt00CQkDrvvhNOzXYb6fkfGukoyJ7kftljhcnZkAygvagodnkmDfv00lvLCQxNwBXtmd0TcCVNXHWPIjZmSlrx4fmlfr4iza2EXmHyvJFYEBttfO1abGwvZPMak_8MtBx12qbx7L3UnDN2fSzWL5a6EDRUdgxIP4QQWc4EwAo_hbNxu9yVfgBAGABpSdn4jlqdXJtQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljbo5SLtISFA4AKAfoLAggBgAwB4g0TCL3nlIu0hIUDFQkDvwQdUwsBVdAVAYAXAbIXHAoaEhRwdWItNTU1NDkwMzYwMTYyMzcxNBiapxU&sigh=_WpVYpUNxlQ&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by: Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7B5F 0
126 B 94ms
20ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=m-z_GMc1rAL6AZ2DYgICAAAAezdZ8xEWpV8w7PXrW2fNARCZqPtlMMgs_B_d_C1ssAAAEgAACgpBUVVCRHdFQkR3MSK9SznRVLXpEfsFJL8_PA&wp=ZfuomQAM2hoEvwMJAAELU_bl_ZjmW6lH765wcQ&cbvp=2

Requested by

Host: 82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 146624
server: Kestrel
content-length: 0

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 12ms
11ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date: Wed, 20 Mar 2024 03:45:36 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 85179
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wdtpJxK0FvND9Kdxaoh-4C18Ze3p1hiv9cT_MB0nAcGovSkzq-y-2w==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 12ms
12ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date: Wed, 20 Mar 2024 21:47:41 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 20254
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: O7gc9KIlbMjG5HsrT5a4mQonk8jaHxRa8yuWxqfU974rnVPXH3N2qA==

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 639E 2 KB
1 KB 40ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZfuomQAM2hoEvwMJAAELU_bl_ZjmW6lH765wcQ&u=%7C6blkxjPQaN74TtOfMThcLIyhtmAwYFxHPF17LzPC940%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9UMMt-GH83vF3umFfnehlVrp4KkE7DC9I2kiOP39zGMPwWF6e2xczFmSVWg6I2XC8wbq76JAA53sqoNm7bmM50KGQ06jl1opxM1X6XQf4bQNPuB7y_J_dhCOWykCz2-S4Nu6Jp2oUNXHh3t8-WN4B1Haevl1pmAE30PclGbte21U679Da08jU6KzeAIuPiog-1Xtc3ffGaYdUW3rlFAgnx1lbrPyW5zuRvGrplrRBwj8aF8MS8yVWWeoXgYmjpVRQJ2tR_Uf7OedtyGn0XqGG1DCbkBob20PPh0gVFhaA8aL1KlHjeh7p7U6D1z2iUpqVjAGQ7dr9HSonCo469yXqyRn6g4R1Kdx_zp4ToHQKaWcW7lMbHEMMHGH5t3dKkc240pDa4cl55MtNvUg_5W2_nK03dbM3cj_6Ngla1_9UrMI931ZS9-mmeEMkCeu5u0-GIFyYA5E73rfMscb7EUs1AO9zVFrqA6zFiun77Ihg23_XRFckv22qGlIYJDyN4KHjs8XA8VhDIRl-Cy2VyVpFidMF8aJpXo1j4cu654h9BQ5kLrAbYHfRTDdba-MSL_4JVj1hdstkAow&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHh4maj7ZZq0M4mG_NUP05aEqAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNTU1NDkwMzYwMTYyMzcxNMgBCakCzZ7FXaVTsj7gAgCoAwHIAwKqBLECT9CGOZZZjngH9yD9leF6L7ujyL_z0nlkzUsNORT6crrNtF6VSUnKdgaFgKw06i-oWauvkTm_59eMWbsC-gv89lEv_6W3JtyVxsQ3zMC2v5tcXfrgtwcg1oo8dIlQS4bKNJD-nopgaPbbdoTXMMkMKrt2xbqe594IBgp4LK_oJXtLTKQS83pAepNU4_MqQf14O14fLurjAhbJLvLg92tzPBqD_Y-3FSYubt00CQkDrvvhNOzXYb6fkfGukoyJ7kftljhcnZkAygvagodnkmDfv00lvLCQxNwBXtmd0TcCVNXHWPIjZmSlrx4fmlfr4iza2EXmHyvJFYEBttfO1abGwvZPMak_8MtBhV-L_Z5YDXRl50AIQUIQz68kT_Fq6pt69c2hRr6_vdRDr9Ep6b5PMf7gBAGABpSdn4jlqdXJtQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggoCJHhgHAQATIH64uA4L-ADToIAICAgICAlChIvf3BOljbo5SLtISFA_oLAggBgAwB4g0TCL3nlIu0hIUDFQkDvwQdUwsBVdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03D_6Q93S9Qu5g78ReopKB7ZgWJA%26client%3Dca-pub-5554903601623714%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 639E 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 639E 308 B
636 B 40ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 639E 293 B
621 B 40ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 639E 43 B
348 B 153ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=U5CyiZSdAITy1Ulo9HjmEAakjX1edkc3yebAaMrc2WZyyvPXO7z2IJGIHIIiLMX6_oeVF8Y2k95dpjKGOBndni98MF5UDMnOMsms8Cujz2QioZy7gEZ1TI1U29FzDv0yb0jED_tSzrW6t3xtQMKU6-QqNlMrBrk1GqHVyOH-FUMsmJhiaZSBlyI4FMQiiiD3g2_47abaIrr24bRiJLIFbq8T3uvtJvNSkcbKV3fRvrIivXroCsZs_ptQD28orPtnCYARFNgloJDfKjuZic63KJ8pWyCIGx9lDLso8koBjxWhPACjt6K3hHdC_zs-_XxmWHw2BKjfwB7leCf2QAzBi-xaT-NYMnffo-pIULnR5-1mRcoGaPThLnXpE9kvTfzvokPGi1mUl6joS6HVfcYLAIxJpE2lrYfN8a8LdvIBctU8CDOstnLSIyhO-ANBDYuZSsaXiA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1769651
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ Frame BD6F 98 B
276 B 131ms
31ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&m=0&ar=b14f40e8f24-clean&iw=fad0310&q=2&cb=0&ym=0&cu=1710991514540&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=1000411%3A50000055%3A60015625%3A70020435&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207200&na=923008284&cs=0&ord=1710991514540&jv=953301304&callback=DOMlessLLDcallback_54336709
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ab91bd06ebcc862c60c8002c7127034a667edd798617a2902d4c6e9beff19a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
server: istio-envoy
etag: "3ebedb80c8764cb90b4588b72477b523fee38a65"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 8
timing-allow-origin: *
content-length: 98

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 14ms
6ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&m=0&ar=b14f40e8f24-clean&iw=fad0310&q=3&cb=0&ym=0&cu=1710991514540&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=1000411%3A50000055%3A60015625%3A70020435&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=207200&na=1155292030&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 639E 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 9 KB
9 KB 75ms
15ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F5239992%2F48af5100de544feda21bbd14dae69b51_0e31a2f3-ca2f-448f-a66d-451c36ec080e.png&v=3&w=596&rid=4&s=aKXYYihdw2MXqT6aeOz0q431

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

099c5589e9209cf8e32450bdc9bf4275ae60f7b2f35a635a35a756a24f65623f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9306
expires: Sat, 22 Feb 2025 09:16:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 60 KB
60 KB 93ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F5360993%2F8b24405bb8414f32bdedaa6cae6a6437_criteo_800x1200.png&v=3&w=1200&rid=4&s=xP-i3chhitYEIhXV4sBAWihn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d9e42ab9266d40399a7538036a6fa25e081c13b5a205d7f661e59669d1bc3aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 61548
expires: Thu, 13 Mar 2025 15:28:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 714 B
928 B 76ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11063679_2-202010052355.jpg&v=3&w=400&rid=4&s=MJWP2jM6_lR9rlbqf5kxpblh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

da13f639054a6677efee21f8b4847ddbc37972b9b9110284c1bbc1c9c4b85514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 714
expires: Sat, 22 Feb 2025 10:13:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 6 KB
6 KB 102ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12107095_10-202002262236.jpg&v=3&w=400&rid=4&s=PZiqXNLWLkmxtmy9AWGAZt0n&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ed8b066205b49d2cb2423085c2bf454c6abf3ebb755a07ba87dedce3d78c09d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5638
expires: Sun, 09 Mar 2025 06:10:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 3 KB
3 KB 91ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F41610415_3-202401241238.jpg&v=3&w=400&rid=4&s=xxxeKD6CvX4qmKMiuyBYzfvJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a36aab4a570d85a844133f77558b2c19c1de9a021a1432098281c681a67dee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3176
expires: Thu, 20 Feb 2025 15:11:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 6 KB
6 KB 88ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12113946_8-202108041259.jpg&v=3&w=400&rid=4&s=SDF2TPaNs53ACzmsLm7U17QL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3e89c400cd4a65ad12d631a1fb4b867312fbf007ab912b3e7fd9477ce06b2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5804
expires: Sun, 09 Mar 2025 07:17:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 5 KB
5 KB 38ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12103249_4-202210211234.jpg&v=3&w=400&rid=4&s=EFBHfDhNvXt2JtaAwqTfUn6L&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

87d79bac2d74953c434cd481d17013900a3cbe50b1fa47d89ca9c9e0fc3b3f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5030
expires: Thu, 13 Feb 2025 14:31:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 639E 2 KB
2 KB 36ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F10135746_3-201811271501.jpg&v=3&w=400&rid=4&s=hCklvZcynMi9iBSO78hnoi6u&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e5b32f30c9ff12a92bde21bca9ab73e79937e360573a4ec2c8d2715a17a8bab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2144
expires: Tue, 11 Mar 2025 08:20:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 639E 0
128 B 73ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=YxwVgEDG9dqwIym9LQInu9GQtHVI69TMcsyH1KGf5w2SbUeKbbazMN6VqbPMMS8Ao6SiV7sw9pBeFZK_zTg32UXeSlyvhZJ3zbNMHhY_HPgs4i6ZV715CYVXqNFzJTODXaBNEXChHn97uLv-LPuLb6OoRUGofnCeqYT2fumILXCza8RG45jjAlBg6lce2n-4uxHwvnqnyQG05u5jdiJLJ1Bbrx1PQyrHkPgYuNeAPOvM22DADG-3aK9BJCo2TZ-7-inmMQ&sds=2&rev=91270&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Mar 2024 03:25:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 639E 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 639E 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Mar 2025 03:25:14 GMT

GET
H2 200 js-err
rtb.ads.travelaudience.com/ Frame BD6F 35 B
354 B 25ms
25ms Image
image/gif 35.187.184.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60015625.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D300%26y%3D250%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%2526client%253Dca-pub-5554903601623714%2526adurl%253D%26googlewinningprice%3DZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w%26wpc%3DEUR%26site%3Dcorreiodoestado.com.br%26slotvisibility%3D1%26gcpm%3D2427357%26gpos%3D1%26bidder%3Dbidder-rtb-production-74ddfd7fdb-5nm8t%26dv%3D1%26uuid%3D%26suid%3D%26idv%3D%26brq%3DmDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA%26ssp_id%3D0%26l%3Dpt%26ts%3D1710991513%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DNH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k%3D

Requested by

Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rtb.ads.travelaudience.com/rtb?ads=1000411.5.0.70020435.0.0..0.DE.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60015625.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTGDdmaj7ZbqvM4mG_NUP05aEqAXWwOm_dtPipc7RCsCNtwEQASAAYJUCggEXY2EtcHViLTU1NTQ5MDM2MDE2MjM3MTTIAQmpAs2exV2lU7I-4AIAqAMByAMCqgSuAk_QR8D2jxuv7Y_AQvH515m6N9BVc6IYM1Dz3yBwBOQdFCzZ9EJF-XG-N68c-346VpTUw5keSLLAdys2iDvlUMx2Kf2uRPtPV1LdzZodOJGUtR5-ICXvKuH7e6DKrWoIO2A70GLz3UIfRlyXD7bA0mGxRN5wrgKsrF52chqvR6cbikTkzQ95DcSTtgSEGPfUg7gLHoD0Buq7yAmqE7sPoI1IYUJMWQJvsz1HbaXr9zjY4TzeCp9hg6X6ElWdwIL8HJJ67mdFUbMOTP1VSs99FH-8-16lSld7wYlbefPOrwMetBMKJOwPzadpbY9f2JC7k_hQQDHDbGgkVNfEEzMYuI6kfq_4J1HlkgtkFd73v5a4o1lszo07tIUjhMwrDggnjXAZFkaNESyfLdVj0gR14AQBgAbx1Jmr76T7w-QBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIKAiR4YBwEAEyB-uLgOC_gA06CACAgICAgJQoSL39wTpY26OUi7SEhQP6CwIIAYAMAeINEwi555SLtISFAxUJA78EHVMLAVXQFQGAFwE%26num%3D1%26sig%3DAOD64_3ng_YKQ-v3QsHAv1YsO9G2Dth2mw%26client%3Dca-pub-5554903601623714%26adurl%3D&googlewinningprice=ZfuomQAM17oEvwMJAAELU-Mpd_m3Gv7AT-gd8w&wpc=EUR&site=correiodoestado.com.br&slotvisibility=1&gcpm=2427357&gpos=1&bidder=bidder-rtb-production-74ddfd7fdb-5nm8t&dv=1&uuid=&suid=&idv=&brq=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&ssp_id=0&l=pt&ts=1710991513&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=NH-h0Pp9DjTYN_Jj1Ig7q-xOgLpEW53ZLqxDnieqO1k=
Origin: https://rtb.ads.travelaudience.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin: https://rtb.ads.travelaudience.com
content-type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 21ms
21ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03bc083e9ce9a80e896b903c65545bfa8877d931fbb3a92379b7329b0173cb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12252
x-xss-protection: 0

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
622 B 392ms
124ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

86c0d1062a4428ff4adbf17b0216b43597637b6f46b0266c22c18030608d7107

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 03:25:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://correiodoestado.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
786 B 18ms
17ms Ping
application/json 57.128.96.95
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.96.95 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy07.cl11.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://correiodoestado.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 03:25:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D82 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 18:59:55 GMT
expires: Thu, 20 Mar 2025 18:59:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D82 40 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 22:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 22:03:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D82 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VwoGcw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 03:25:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 9ms
8ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: p5CvNmBR8Hi2L2KZd2nEga.lokO16FDg
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date: Wed, 20 Mar 2024 20:22:52 GMT
last-modified: Mon, 29 Jan 2024 17:45:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 25342
x-amz-server-side-encryption: AES256
etag: "ebe3e4ed1116d2f30c297f590cf2bfc7"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56869
x-amz-cf-id: h4-PUAfIp325fJP12sPOmtqGVNDXiM72LpaksDs30pxs7xguiWFlng==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 13 KB
5 KB 15ms
14ms Script
application/javascript 52.222.250.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/07312727-7430-4b77-95d5-8569abc18736-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-175.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 19:40:05 GMT
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-version-id: Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
x-amz-cf-pop: FRA60-P3
age: 27910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4699
last-modified: Wed, 29 Mar 2023 14:00:58 GMT
server: AmazonS3
etag: "1f7cabf79794bdf27abc546d74059ded"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
x-amz-cf-id: dTfDwY23IjnzPPmqntaQ6kx1e7nCSNpgdve-zjOixL3378YWVw4aZQ==

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 423ms
138ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=241031&uniq=_qeb88fzyi&ref=aHR0cHM6Ly9jb3JyZWlvZG9lc3RhZG8uY29tLmJyLw%3D%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Thu, 21 Mar 2024 03:25:15 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame BD6F 43 B
251 B 63ms
9ms Image
image/gif 23.32.101.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=correiodoestado.com.br&L1id=1000411&L2id=50000055&L3id=60015625&L4id=70020435&S1id=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&S2id=300x250&ord=1710991514540&r=434896145372&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-205.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame BD6F 43 B
251 B 61ms
7ms Image
image/gif 23.32.101.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=138&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=correiodoestado.com.br&L1id=1000411&L2id=50000055&L3id=60015625&L4id=70020435&S1id=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&S2id=300x250&ord=1710991514540&r=434896145372&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-205.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 7ms
6ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2FDubai_DMO%2FFamily%2FDE%2F300x250_Dubai_Family_DE.gif&i=TRAVELAUDIENCE_DISPLAY1&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&f=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&cu=1710991514540&m=563&ar=b14f40e8f24-clean&iw=fad0310&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=132&lg=1&lh=13&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A305%3A305%3A426%3A330&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=138&cd=0&ah=138&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000411%3A50000055%3A60015625%3A70020435&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&zMoatSubdomain=correiodoestado.com.br&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207200&na=918880544&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 7ms
7ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&f=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&cu=1710991514540&m=614&ar=b14f40e8f24-clean&iw=fad0310&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=132&lg=1&lh=13&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A305%3A305%3A426%3A330&aa=0&ad=31&cn=0&gk=31&gl=0&ik=31&ic=31&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=138&cd=138&ah=138&am=138&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000411%3A50000055%3A60015625%3A70020435&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&zMoatSubdomain=correiodoestado.com.br&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=207200&na=1806864849&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame BD6F 43 B
251 B 12ms
8ms Image
image/gif 23.32.101.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=31&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=correiodoestado.com.br&L1id=1000411&L2id=50000055&L3id=60015625&L4id=70020435&S1id=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&S2id=300x250&ord=1710991514540&r=434896145372&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-205.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame BD6F 43 B
251 B 14ms
9ms Image
image/gif 23.32.101.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=31&fi=1&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=correiodoestado.com.br&L1id=1000411&L2id=50000055&L3id=60015625&L4id=70020435&S1id=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&S2id=300x250&ord=1710991514540&r=434896145372&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-205.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 405E 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXfDhYbiIRQGhURD-rXgJUXgYaLHzQYifGMDAv1XseIZTN4L5XPoUfcS1DemLCtdF0OZEEgPuqFxpz0Jc0ZprQSu_9ZgMu6HsEFYJoVYnybLy2oVCYkCSi8dFI3Us32yEsS7PZSLZFKPTZ84ObqmcdqjRTlH0QcjkX9xyz&sig=Cg0ArKJSzNuOYiCTtaO8EAE&id=lidar2&mcvt=1000&p=251,315,501,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4068051353&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=692431400&rst=1710991514257&rpt=123&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403140101&jk=331617907180490&bg=!bm2lbSLNAAZaswqNerM7ADQBe5WfOEI6QKl84d2-s4JRkWCNIijWvKncHOTWvictWwsfEdqQ5XwGWYP8xQiWMzDSYVl8AgAAADBSAAAAAmgBB34ANTScEOp603IeBq6Ek8x2rVjEI1KMnRed0yxaBjZOJtwvGVLavZoz3iGl5F-piN3jr4Xv7haBmQJtNyXo31RwDQbexP02dlRHnOnay0Eh_GFaA7s1-AsOIlPOScRtpDik5b3rK-r96TYBjaRdY86aXCSejKz8jQBsNAebHIhoONddAIrIkhGSKuUKdhXVEQEsjp15z9e6BOi5NioT35T0nnHlDUQd9UlPKB17JGtSFvdJXjWLAPDgisdwZBK6WUQ4JFdvKrglWKeqZ604HtpSiM3dtWC94hMoB1XwvF5dbAw4XHmwVu5mh1vHXnvM-_ZKjd0uooAZsT_EinENjQIBm9qQ6bXSHd35Gk5gFE4Fb-u17vs1_o8M4lvZkRMmQpytaDLpviCK86Rmo8sGKS1zg0wLqHePbIBr_axg4VU-V-7uzQrHgGY48G7ERRXLJi-gDqgJdB4PtF5MQpH2_HlupJOxmKIIY5VTCaIibz8afFVUIyOVlMfjlLcAe-vYeRGT46ORVKT2zvFDILeQJ2N4TqEYmGK_dPwl1-Lpv__x69_I5HW1glPSR-OLEbxY0c3a404_JV_UnBhXUN8JGOJ8SljNri5PdBtMQvSKcQ8tIUFYEXt0A7NCwzQGWLGk9rTGYPSgk3EGjKFix9dJ7uUS0-vsSH0SccDCJBwzsjygYm1E7A0x8iyAAT5ZULJmTvo74nloe0Zn82wjEfbPlMnRW-D_dTXXsDLHTQ3ri5aIWp26cT9mfG5PXy0G26NAX6M5SudhbMyc21xsQw45DvJR1ZOttCS-Z4TAhh3VGS87TGdkk95xxboY13YS0sYSNMY8_qdFrVhhitRJ1BRpsb8IneQdkhCIMzlauQie0yqsj4hzjGAHVD3nYZsgfnkR1GzjA9p8p_YK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 39F8 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwhLe7Jl2P3kYVItouyzyHBibsvxEQiJtuqY35hVPgKqtcrbMbUD1jls5M5yk4bNRRuOT15LgeBQyNz40Osk8UHYnFljeO-SF_i772k86FteUfnXrh3nszuc_oZzUYTyeRzZdrpXDEKIvD&sig=Cg0ArKJSzOIIQPkAPAbrEAE&id=lidar2&mcvt=1000&p=531,1130,781,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=594300009&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=692431400&rst=1710991514220&rpt=207&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 7ms
7ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&f=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&cu=1710991514540&m=1619&ar=b14f40e8f24-clean&iw=fad0310&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=132&lg=1&lh=13&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A305%3A305%3A426%3A330&aa=1&ad=1036&cn=31&gn=1&gk=1036&gl=31&ik=1036&ic=1036&ez=1&co=1036&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=138&ah=1005&am=138&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000411%3A50000055%3A60015625%3A70020435&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&zMoatSubdomain=correiodoestado.com.br&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207200&na=1937063712&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:16 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame BD6F 43 B
251 B 8ms
8ms Image
image/gif 23.32.101.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1005&tet=1036&fi=1&apd=1205&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=correiodoestado.com.br&L1id=1000411&L2id=50000055&L3id=60015625&L4id=70020435&S1id=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&S2id=300x250&ord=1710991514540&r=434896145372&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=correiodoestado.com.br&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.101.205 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-101-205.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:16 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 7ms
7ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&f=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&cu=1710991514540&m=1619&ar=b14f40e8f24-clean&iw=fad0310&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=132&lg=1&lh=13&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A305%3A305%3A426%3A330&aa=1&ad=1036&cn=1036&gn=1&gk=1036&gl=1036&ik=1036&ic=1036&ez=1&co=1036&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000411%3A50000055%3A60015625%3A70020435&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&zMoatSubdomain=correiodoestado.com.br&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207200&na=1975792859&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:16 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame BD6F 43 B
251 B 8ms
8ms Image
image/gif 184.28.89.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=3420983584&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wkPxp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcorreiodoestado.com.br&id=0&ii=2&f=1&j=https%3A%2F%2F82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&lp=https%3A%2F%2Fcorreiodoestado.com.br&t=1710991514540&de=434896145372&cu=1710991514540&m=1620&ar=b14f40e8f24-clean&iw=fad0310&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=132&lg=1&lh=13&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A305%3A305%3A426%3A330&aa=1&ad=1036&cn=1036&gn=1&gk=1036&gl=1036&ik=1036&ic=1036&ez=1&co=1036&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000411%3A50000055%3A60015625%3A70020435&bo=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=correiodoestado.com.br&zMoatSubdomain=correiodoestado.com.br&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=mDJKP3eIwjuIjdUSMoRdiSzJaO_69jUs7duCQA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=207200&na=1621241191&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 03:25:16 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Mar 2024 03:25:16 GMT

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
correiodoestado.com.br/	1970-01-20 19:16:35	Name: DO-LB_DOTHCOM Value: "ChExMC4xMzIuMjAwLjEzMjo4MBDesNQC"
.correiodoestado.com.br/	1970-01-21 04:02:07	Name: BC-ADD-SIGNATURE Value: 4950d38e-5f0f-4dc0-a7dc-6f5ae10ff10e
.correiodoestado.com.br/	1970-01-21 04:52:31	Name: _ga_BXGB68T2MJ Value: GS1.1.1710991513.1.0.1710991513.60.0.0
.correiodoestado.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1710991513%2C%22currentVisitStarted%22%3A1710991513%2C%22sessionId%22%3A%224ab6e6bb-2c99-4f4b-a709-c308680e8a25%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//correiodoestado.com.br/%22%2C%22referrer%22%3A%22%22%7D
.correiodoestado.com.br/	1970-01-20 23:41:25	Name: ___nrbi Value: %7B%22firstVisit%22%3A1710991513%2C%22userId%22%3A%22a421b982-c435-42f4-8446-27b20d3d36b4%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1710991513%2C%22timesVisited%22%3A1%7D
.correiodoestado.com.br/	1970-01-20 23:41:25	Name: compass_uid Value: a421b982-c435-42f4-8446-27b20d3d36b4
.correiodoestado.com.br/	1970-01-21 04:52:31	Name: _ga Value: GA1.3.1296022164.1710991514
.correiodoestado.com.br/	1970-01-20 19:17:57	Name: _gid Value: GA1.3.161668464.1710991514
.correiodoestado.com.br/	1970-01-20 19:16:31	Name: _gat_gtag_UA_1420794_71 Value: 1
events.newsroom.bi/	1970-01-20 23:35:43	Name: 4189_u Value: a421b982-c435-42f4-8446-27b20d3d36b4
events.newsroom.bi/	1969-12-31 23:59:59	Name: 4189_s Value: 4ab6e6bb-2c99-4f4b-a709-c308680e8a25
events.newsroom.bi/	1970-01-20 19:59:43	Name: 4189_lv Value: null
events.newsroom.bi/	1970-01-20 19:59:43	Name: 4189_ut Value: 0
.correiodoestado.com.br/	1970-01-20 23:35:43	Name: __eoi Value: ID=1f94451d46d6ed94:T=1710991513:RT=1710991513:S=AA-AfjbQ9xPXSm3xbMQXjj2sqlNC
.travelaudience.com/	1970-01-21 04:46:45	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%221DCC4190-252F-463C-B9F3-A08EFD17F476%22%7D
.correiodoestado.com.br/	1970-01-21 04:02:07	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNzEwOTkxNTE0NDk2fQ==
.criteo.com/	1970-01-21 04:38:07	Name: receive-cookie-deprecation Value: 1
.correiodoestado.com.br/	1970-01-21 04:02:07	Name: rdtrk Value: %7B%22id%22%3A%226b2314f4-368b-4ca2-9c0a-e840d4ad4d67%22%7D

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://correiodoestado.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
violation	error	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: Permissions policy violation: accelerometer is not allowed in this document.
javascript	warning	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

82a06907cb0980763ba07e8317bbcce0.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.travelaudience.com
ajax.googleapis.com
ap-adserver.igaming-ap-service.io
cat.nl3.eu.criteo.com
cdn.correiodoestado.com.br
cdn.pn.vg
connect.facebook.net
correiodoestado.com.br
csm.eu.criteo.net
d335luupugsy2.cloudfront.net
dtokw98w8oklz.cloudfront.net
events.newsroom.bi
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
imageproxy.eu.criteo.net
mb.moatads.com
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
popups.rdstation.com.br
px.moatads.com
region1.analytics.google.com
rtb.ads.travelaudience.com
rtb.fr3.eu.criteo.com
sdk.mrf.io
securepubads.g.doubleclick.net
static.criteo.net
static.travelaudience.com
stats.g.doubleclick.net
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
widget.horoscopovirtual.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
z.moatads.com
13.95.152.229
132.226.214.62
178.250.1.6
184.28.89.220
2001:4860:4802:32::36
23.32.101.205
2600:9000:236e:7a00:5:6af1:95c0:21
2606:4700:20::681a:ab
2606:4700:20::681a:ce0
2606:4700:3032::6815:5681
2606:4700:3033::6815:325a
2606:4700:3034::ac43:dc2f
2a00:1450:4001:802::200a
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a03:2880:f083:100:face:b00c:0:3
34.68.90.188
35.187.184.108
35.190.0.66
35.223.116.65
35.244.170.237
52.222.250.175
54.170.183.180
57.128.96.95
03bc083e9ce9a80e896b903c65545bfa8877d931fbb3a92379b7329b0173cb69
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099c5589e9209cf8e32450bdc9bf4275ae60f7b2f35a635a35a756a24f65623f
09f045c1839cc92f5adf09c4097f37732447ade45293fc704a003a5b9e949029
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0b1273c6c6050b63577aeeaf6249d9f8ad01424010791ae3e5c89bed2214148e
0d336a97efd52a4ef44ef3270e71eac24ba405d4450016f9d3e943256e9e58c8
0e997d8eed4381414339f70c7beb72d614e4953c3f97f06cb841816182bd8d1b
10fb6beeefc7ab361adddf3cb96aec2f3a4519b4e5170fc574211b6385ac950e
11076dd4a86d587f214ac5bb2fe78147db864e0087056274c0d34d7a2f1ffb9a
1290e8e18182f113167f8ee6901091029eb3f18524f30867357fd9dd253dcc6f
1568186ba17aacd78ff41bdbadd5ee696a220f5962b47affdd28f123316c7fb3
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1b02035774d9978a0656512051c97ec80f62a4da90137b41e4e998d5cbb7b957
1b4cf99e9e38bbc5c5d7d29133b5d2aa1eeabfdd2c27124aecac9be5346c4d30
1d87d09c430db949193d3b7cc94e7bf88f093117bb4071b03a2d96bc34eae52d
1de34477d7b7a353650a22c1cfa24571f2ccd8487b83c22e9092194877b6f026
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474
233ac504546f7c61594002539cd7c2951cc0bcba441552fcfdfd6227a45a123a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
272f81d199550e922da3f9ebffcb38f62c7ae6eb784503695d05a8cba8d81d8e
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a36aab4a570d85a844133f77558b2c19c1de9a021a1432098281c681a67dee7
2ebfff462b279df4dd98d0749e12c026a3caf744ca103997428e2ca6563b5050
30d560cf2957049a53bf04ff25fe18114d6457d1550efd13f5738823b848015d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a67f4b480d9a00087e757fd7c1025c577bf3d152532eb4dcc806d5e5235690
39cf238f9f7b75d929c393d8f56a60c1b9b8da74d20bf06d78a15894bcdad501
3b903fb9e277701d1aed32bcd887e2484aaa4c17fd0e4ce5e474b32a7618ef66
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d0b33548817a7dcae4beb37258951e85e51c22d4b937c9369b23ad1226aeca7
3e74797f64d03c5e711604e36b050f6c1ff400dbb9550f8573cc3fe3e085fdc0
41edd57ce03d00eca0e5aea5d5b2bdf0037ef42d67ed70ec48c5bfeb55f5dc04
42cf93814890dafbe9fe325e92f26b963793cee6b9ed106ff78f47717c5134d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48fa24866de016b2f870a9880b95075d6fc9508829ccee734e0485ca299cee9c
4a6a2d909697b17e2775fc77237ba4526e00320eec078b7ab7212772c44558c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510c537007a36e1480396bae494d41bcb5b64d04de7e3915f3c5faee4d000377
54a258f8429ddba2de7b8fb7854e5982c77cf03afdb1e968e72f73096e28c496
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565b549c1c5ad7106d6f0d02171a6d7548e017247986c2ab7333a4ee9d166299
590ad48f4ba01402a518d5b93ac45b5937fb6f2e9338c24371b381232fcc63a2
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5be8e22106715ad507de3e48fa79d1b4a86e22d0b1dbaa2a90144fe7f6149c7a
5edfdd5c3168f686e026de36429f5d3bb2216ddf2447ce2613b68654f60fcb05
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b8ede97bc962d12bfffc83cf2fb04629ad6d29384d8f468a91fa75b0a87236
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
64a01b2d310693f457fc4a268cdc1259c8379bf814ce7ac84b69b6a2d1d9b21e
6583bbe1f321e8396c6a516a1681e1745f5c1396dc4eff3075f05bc1e917a87e
6ad923bba919b50e1b30e12f1692ba43c996b036f75dc1de1c282099b814b5f1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae8d9d0bbae200bda8aa66fb3ebc20ed24aadd5b88ba93f4ea4138471b7d1cb
6cb7e7a08e9beef86a9bcc623216bed9df694c1ff20f4a743d157dfd3f74947c
6d19e9846e8cd55450e56b63402a3c4b42571bc4d882a6c952805e84003dc194
70fbedd25992e0b003c735ef697a034c7aa744d74e447ca878aa67e70c387df3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73194b21ff88337c0bd88cf4eef1a46246b0be5d83fb2a5544bded3a1d3afee3
7807281cc69741dfe420d922345e84df11205a6b84c657c86b12b619d90cb79c
7ff1306e27b72a6f2d21146394db565262c8fd9aba12f647d9e2a8d2f2de13ed
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d395c9161aca1e01d63e152adf3c3c5a46dc902122b969535f1a8c57207e50
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec375bb0fe47ac5297e206806d12c98d4259a3573291b30aa5a713a4ad96db
853d8f1bd85e395bbdfb1b01d17d17f238c3100393afcf1d7430711f5f391525
86c0d1062a4428ff4adbf17b0216b43597637b6f46b0266c22c18030608d7107
86c6f9e9d2322bfb7517992c4d9e1ecc93e86e01d5088c52b020c4844bfc2579
87d79bac2d74953c434cd481d17013900a3cbe50b1fa47d89ca9c9e0fc3b3f60
8b1b20d7acf230037c6396205deb88419eb93376d59fac26502d9972bb097f37
8cdd1051b39adbee974061cfe2294060d42aed1ddf0fd777a957ae14be6e1643
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
905ea416df2028fb675f5a102dcf677a29fdfa8ba9611f89e81d4cc4984ce00f
925620b961a3140a4fbf38e5a03b68c2abbeb5c6959e9326612f66b421ed0443
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9a83935554c811295bf724df7c5737750750bd0c5819a548366ceebf2287976b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b9a23d1d13dfabb89d12a0c2573cb92758b793118bb9b3327ce645a0900b67
a2cc30a09010e49fe57fa6b3bc667fd94d12fbb72b7dc4fc6ee8684535d4713b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6a3722c81f36f240e3508eb3b42251653c8271ed2a541c2dc5981e10535417a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab4e6f7d2a6b0198996b74d34881525ec16d6d1d23aa19ea55741cff8cc8530e
ab91bd06ebcc862c60c8002c7127034a667edd798617a2902d4c6e9beff19a1c
b5b0feddbd1dde0e0793d83bcd62810ee233b6b65d3bd95f733b92ab3b5012c2
b5c86eb1a9da0fc49c3359d1b078629a520d568127869c422a9089af6c747557
bf880647b736f1922d55d9223da08fdce304be1649fd1d6665d2fb2d694b3394
c93859a19629d370c76a56632cd266fcecb04550cc3bcf7b4aed19d534117786
c9bd7e36e502a1852269ecd4594c7a7bfcf7337869809cec23d1e74c5e903495
ca96e29125d7fd6b599b0bb96ee9c5f460a97722d92916089a4d7476272a5d6d
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1237454e2f5e6b1f9f3ca7f1dc90cd57486230ce288ffd4f9364fdbf3fc73ca
d14bd29d89fc74cdc1501fd139867ad735affbfd659f2a50803205e33d1d77e6
d93f59993d7a296252370769f040cb02f32db6bf65baf28dd20a05eee68cbdf5
d9e42ab9266d40399a7538036a6fa25e081c13b5a205d7f661e59669d1bc3aa0
da13f639054a6677efee21f8b4847ddbc37972b9b9110284c1bbc1c9c4b85514
daf0c567ed5499bb5a2062f1fbd9144ad9d23fc46fdeb4cfbf7ff4ca0b266afd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0204dbaa01c6ed0ef25045332bd76eb6f0c2a61bbd4be194fe8bc7881c5c86f
e217ca929041462aea2d6e57bf7161d02ce546e0b07ff5eef86a9a55d806377f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ab0244f1fdf122faf1606280c6c3627616cbced15ff6a1e536df58b08d43f
e58da58b314ccdeefa3c4865b4b8aa3153e890d7904e04483481d8fff2c27eaa
e5b32f30c9ff12a92bde21bca9ab73e79937e360573a4ec2c8d2715a17a8bab9
eaf8e94ca3f1f5fa27746f07d0a396d273b3d1affcc74e7acc28eba7c19d4304
ece2c4a6485e558c6391638609ceb936b3aae63f1ca49d7edc11da093627b066
ed8b066205b49d2cb2423085c2bf454c6abf3ebb755a07ba87dedce3d78c09d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189
f2361122bdb26f7995be360ae57a3050771f06941a95d76cced4c836a46c22a4
f3710634eaa52e63fe0c574d0b8adf1a9d4bf78819793e818394e237dc71faa1
f3e89c400cd4a65ad12d631a1fb4b867312fbf007ab912b3e7fd9477ce06b2db
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b810879d926326f14210569df5b98b6db32adffed2d7d8fd326c572687337d
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f70d060548859badbadde9c6e3326252c078a7d2cf70405f98d83c2599bc463c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f97d7601dc2a49c4b81a6d11cc3378f127697a36056fdb0e7471ebc5b47a9ac8
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b
fb661951d744f303c9c1504f68f78a44bdabbb81fb025f35ea91d2a3f4d82899
fd8526cb02722497a376ad1b117ea5bb7fc772a1af4d6609bb7df05437736f5b
fd85eddb7d662d5237b7366e9eeaaf4bd5ca2af2bf9a6673e5e165baeb09da1f

correiodoestado.com.br Open in urlscan Pro 2606:4700:3032::6815:5681 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

68 %IPv6

24 Domains

42 Subdomains

40 IPs

7 Countries

3258 kBTransfer

7553 kBSize

18 Cookies

62 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

correiodoestado.com.br Open in urlscan Pro
2606:4700:3032::6815:5681 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

68 %
IPv6

24
Domains

42
Subdomains

40
IPs

7
Countries

3258 kB
Transfer

7553 kB
Size

18
Cookies

174 HTTP transactions
7 data transactions