diariodonordeste.verdesmares.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://diariodonordeste.verdesmares.com.br/
Effective URL:
https://diariodonordeste.verdesmares.com.br/
Submission: On January 06 via api (January 6th 2024, 8:16:10 am UTC) from US — Scanned from DE

Summary HTTP 511 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 54 domains to perform 511 HTTP transactions. The main IP is 170.82.174.15, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is diariodonordeste.verdesmares.com.br. The Cisco Umbrella rank of the primary domain is 908225.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 19th 2023. Valid for: a year.

This is the only time diariodonordeste.verdesmares.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 67	170.82.174.15 170.82.174.15	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:1ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
15	2606:4700::68... 2606:4700::6810:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
14	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:9fa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5 18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 3	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
10	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 15	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	162.19.96.32 162.19.96.32	16276 (OVH) (OVH)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3034::ac43:9a96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:e79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:e180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.165.183.39 18.165.183.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:440... 2606:4700:4400::6812:2a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:440... 2606:4700:4400::ac40:9754	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.114 52.222.236.114	16509 (AMAZON-02) (AMAZON-02)
1 82	2606:4700:440... 2606:4700:4400::ac40:934d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 2	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.192.108.144 18.192.108.144	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 4	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2606:4700:303... 2606:4700:3033::6815:325a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	81.17.55.171 81.17.55.171	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	34.250.183.118 34.250.183.118	16509 (AMAZON-02) (AMAZON-02)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.240.241.48 34.240.241.48	16509 (AMAZON-02) (AMAZON-02)
2 2	54.170.105.58 54.170.105.58	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	81.17.55.173 81.17.55.173	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
511	67

67 170.82.174.15 (São Paulo, Brazil) 1 redirects

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

diariodonordeste.verdesmares.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:1ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:df3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.96.32 (France)

ASN16276 (OVH, FR)
PTR: haproxy05.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:9a96 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pravatar.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e79 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.premiumads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:e180 (United States)

ASN13335 (CLOUDFLARENET, US)

id.navegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-39.zrh55.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:2a64 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sender.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lp.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:4400::ac40:9754 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promos.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-114.fra56.r.cloudfront.net

dd.betano.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2606:4700:4400::ac40:934d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

landingpages.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visuals.kaizengaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

12738953.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.249 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.108.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-144.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)

experiences.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.171 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.183.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-183-118.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.241.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-241-48.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.105.58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-105-58.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.173 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	kaizengaming.com 1 redirects landingpages.kaizengaming.com — Cisco Umbrella Rank: 119937 visuals.kaizengaming.com — Cisco Umbrella Rank: 122611	1 MB
67	verdesmares.com.br 1 redirects diariodonordeste.verdesmares.com.br — Cisco Umbrella Rank: 908225	2 MB
48	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	6 MB
45	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1255 c2.taboola.com — Cisco Umbrella Rank: 12960 pm-widget.taboola.com — Cisco Umbrella Rank: 3998 nr-events.taboola.com — Cisco Umbrella Rank: 16493 trc.taboola.com — Cisco Umbrella Rank: 960 trc-events.taboola.com — Cisco Umbrella Rank: 2320 am-trc-events.taboola.com — Cisco Umbrella Rank: 11740 images.taboola.com — Cisco Umbrella Rank: 1897 pips.taboola.com — Cisco Umbrella Rank: 1936 cds.taboola.com — Cisco Umbrella Rank: 2300	802 KB
42	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 static.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 12738953.fls.doubleclick.net Failed	308 KB
27	gstatic.com fonts.gstatic.com www.gstatic.com	328 KB
20	google.com 3 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6 play.google.com — Cisco Umbrella Rank: 95 Failed adservice.google.com — Cisco Umbrella Rank: 189	119 KB
18	googlesyndication.com 6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185 pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	165 KB
17	betano.de 1 redirects promos.betano.de dd.betano.de — Cisco Umbrella Rank: 629768	263 KB
15	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 45211 usr.navdmp.com — Cisco Umbrella Rank: 50426 cdn.navdmp.com — Cisco Umbrella Rank: 33736 sync2.navdmp.com — Cisco Umbrella Rank: 78647 sync.navdmp.com — Cisco Umbrella Rank: 41196	8 KB
14	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	642 KB
11	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 115	83 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	239 KB
8	cleverwebserver.com 1 redirects scripts.cleverwebserver.com — Cisco Umbrella Rank: 23894 ui.cleverwebserver.com — Cisco Umbrella Rank: 25820 sender.cleverwebserver.com — Cisco Umbrella Rank: 41996 lp.cleverwebserver.com — Cisco Umbrella Rank: 46994 call.cleverwebserver.com — Cisco Umbrella Rank: 27322	95 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 q.clarity.ms — Cisco Umbrella Rank: 12359 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
6	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 7751 track.adform.net — Cisco Umbrella Rank: 4333	35 KB
6	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	15 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	177 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4002	905 B
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1096 tr6.snapchat.com — Cisco Umbrella Rank: 1403	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	42 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	177 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	173 KB
3	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167 sync.smartadserver.com — Cisco Umbrella Rank: 2055	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925	74 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 274	3 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	66 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 160214	74 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 793	2 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	611 B
2	smartclip.net 2 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 7187	699 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1674 at.teads.tv — Cisco Umbrella Rank: 5198	4 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 11503	5 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 39255	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	129 KB
2	premiumads.com.br tags.premiumads.com.br — Cisco Umbrella Rank: 404064	143 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	380 B
2	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7834	2 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
2	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 10258 experiences.mrf.io — Cisco Umbrella Rank: 12895	46 KB
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 224091 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 231700	106 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	149 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	339 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	218 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	205 B
1	datadome.co api-js.datadome.co — Cisco Umbrella Rank: 6379	408 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1399	18 KB
1	navegg.com id.navegg.com — Cisco Umbrella Rank: 413337	303 B
1	pravatar.cc i.pravatar.cc — Cisco Umbrella Rank: 637740	6 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 3160	623 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 597	303 B
511	54

	Domain	Requested by
67	diariodonordeste.verdesmares.com.br	1 redirects diariodonordeste.verdesmares.com.br cdn.pn.vg
48	www.youtube.com	diariodonordeste.verdesmares.com.br www.youtube.com www.googletagmanager.com
47	landingpages.kaizengaming.com	code.jquery.com landingpages.kaizengaming.com promos.betano.de
35	visuals.kaizengaming.com	1 redirects code.jquery.com visuals.kaizengaming.com diariodonordeste.verdesmares.com.br
16	promos.betano.de	1 redirects lp.cleverwebserver.com promos.betano.de code.jquery.com
16	images.taboola.com	diariodonordeste.verdesmares.com.br
16	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
15	www.google.com	3 redirects diariodonordeste.verdesmares.com.br www.youtube.com promos.betano.de tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	diariodonordeste.verdesmares.com.br securepubads.g.doubleclick.net www.googletagservices.com
14	googleads.g.doubleclick.net	5 redirects www.googletagmanager.com www.youtube.com diariodonordeste.verdesmares.com.br
14	www.googletagmanager.com	diariodonordeste.verdesmares.com.br www.googletagmanager.com tags.premiumads.com.br promos.betano.de
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net diariodonordeste.verdesmares.com.br tpc.googlesyndication.com
11	www.gstatic.com	www.youtube.com www.gstatic.com
11	cdn.ampproject.org	diariodonordeste.verdesmares.com.br securepubads.g.doubleclick.net
9	am-trc-events.taboola.com	diariodonordeste.verdesmares.com.br cdn.taboola.com
9	cdn.taboola.com	diariodonordeste.verdesmares.com.br cdn.taboola.com
8	jnn-pa.googleapis.com	www.youtube.com
7	sync.navdmp.com	diariodonordeste.verdesmares.com.br
6	yt3.ggpht.com	www.youtube.com
6	i.ytimg.com	www.youtube.com
6	static.doubleclick.net	www.youtube.com
6	www.google.de	diariodonordeste.verdesmares.com.br www.googletagmanager.com promos.betano.de
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	track.adform.net	2 redirects promos.betano.de
4	tr.snapchat.com	sc-static.net promos.betano.de
4	12738953.fls.doubleclick.net	www.googletagmanager.com
4	lp.cleverwebserver.com	diariodonordeste.verdesmares.com.br lp.cleverwebserver.com
4	q.clarity.ms	www.clarity.ms
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net diariodonordeste.verdesmares.com.br
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.jsdelivr.net	diariodonordeste.verdesmares.com.br cdn.jsdelivr.net promos.betano.de
3	bat.bing.com	diariodonordeste.verdesmares.com.br bat.bing.com promos.betano.de
3	fonts.googleapis.com	cdn.taboola.com securepubads.g.doubleclick.net
3	trc.taboola.com	cdn.taboola.com tag.navdmp.com
3	sb.scorecardresearch.com	1 redirects diariodonordeste.verdesmares.com.br
3	tag.navdmp.com	diariodonordeste.verdesmares.com.br tag.navdmp.com
3	code.jquery.com	diariodonordeste.verdesmares.com.br promos.betano.de
3	cdn.pn.vg	diariodonordeste.verdesmares.com.br cdn.pn.vg
2	sync.smartadserver.com	1 redirects
2	secure.adnxs.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ad.sxp.smartclip.net	2 redirects
2	c.clarity.ms	1 redirects
2	adservice.google.com	12738953.fls.doubleclick.net
2	a.mgid.com	diariodonordeste.verdesmares.com.br promos.betano.de
2	s2.adform.net	1 redirects www.googletagmanager.com
2	gml-grp.com	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	c.amazon-adsystem.com	tags.premiumads.com.br c.amazon-adsystem.com
2	tags.premiumads.com.br	www.googletagmanager.com tags.premiumads.com.br
2	www.facebook.com	diariodonordeste.verdesmares.com.br promos.betano.de
2	cdn.navdmp.com	tag.navdmp.com
2	www.clarity.ms	diariodonordeste.verdesmares.com.br www.clarity.ms
2	events.newsroom.bi	sdk.mrf.io
2	usr.navdmp.com	tag.navdmp.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	nr-events.taboola.com	c2.taboola.com diariodonordeste.verdesmares.com.br
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
1	match.adsrvr.org
1	beacon.krxd.net	tag.navdmp.com
1	tags.bluekai.com	tag.navdmp.com
1	sync.crwdcntrl.net	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	at.teads.tv	a.teads.tv
1	a.teads.tv	tags.premiumads.com.br
1	c.bing.com	1 redirects
1	disclaimer-api.goadopt.io	diariodonordeste.verdesmares.com.br
1	experiences.mrf.io	sdk.mrf.io
1	tr6.snapchat.com	sc-static.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	api-js.datadome.co	dd.betano.de
1	sc-static.net	www.googletagmanager.com
1	dd.betano.de	promos.betano.de
1	call.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	sender.cleverwebserver.com	1 redirects
1	ui.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	scripts.cleverwebserver.com	diariodonordeste.verdesmares.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	region1.google-analytics.com	www.googletagmanager.com
1	id.navegg.com	tags.premiumads.com.br
1	play.google.com	www.youtube.com
1	i.pravatar.cc	diariodonordeste.verdesmares.com.br
1	ups.analytics.yahoo.com	diariodonordeste.verdesmares.com.br
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	diariodonordeste.verdesmares.com.br
1	cm.g.doubleclick.net	1 redirects
1	6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	trc-events.taboola.com	cdn.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	sdk.mrf.io	diariodonordeste.verdesmares.com.br
1	c2.taboola.com	diariodonordeste.verdesmares.com.br
1	tag.goadopt.io	diariodonordeste.verdesmares.com.br
511	97

This site contains links to these domains. Also see Links.

Domain
cleveradvertising.com
assine.diariodonordeste.com.br
privacidade.geq.com.br
diariodigital.verdesmares.com.br
api.whatsapp.com
www.instagram.com
www.facebook.com
www.twitter.com
www.youtube.com
midiakit.svm.com.br
centraldoassinante.diariodonordeste.com.br
maximparerurehab.com
popup.taboola.com
www.2clicktrk.com
bredings-person.com
www.becompliance.com
goadopt.io

Subject Issuer	Validity	Valid
*.verdesmares.com.br Go Daddy Secure Certificate Authority - G2	`2023-12-19` - `2025-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pn.vg GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ssl03.cert.cl13.k8s.mrf.io R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
pravatar.cc GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
premiumads.com.br Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
promos.betano.de Cloudflare Inc ECC CA-3	`2023-09-11` - `2024-09-10`	a year	crt.sh
dd.betano.de R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
landingpages.kaizengaming.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://diariodonordeste.verdesmares.com.br/
Frame ID: 891A756E8E003A5FD2429F89D723DFB7
Requests: 209 HTTP requests in this frame

Frame: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: F015B36333FEC5D05D508DF3A8797049
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: 84C087DD0947E11A5C49F6E6EF932C14
Requests: 41 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Frame ID: DB8C0EFB82A6A01895F6008731E2B802
Requests: 37 HTTP requests in this frame

Frame: https://6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B570851283BFD6F1F1398F6E0D95A75
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDpk8VnGQxMwZUceduynTrPDVXeUvjY-0GZ4QmGmnCDoGCZBsZBccNOuTN1OYKBc-FSdCuXD7Ir5O96OJdCiOeN17Ggn2IK5wEPcXgMiTkcGujFPSutIgNNo8hLopQy5Gwvda6n4MaP8Fj_-pwgSWRzKEfocemKHmBVkH2Lfj1WjqRQwmXWTEXMkoQ9Av3i0AizGlx37ImsfBsn_1449kprDEOKVWGUUuq7ik1AOYV0-xIbZjb91Izkiff9UUwSssdvopjCtvlcgIda9DXF-4BoAJKJoCHtTkfaTKpm7QnY9YmtjbVjsBrgCTH1UO8TeIEyzjKXEn1V9qKuWldINQCufYNW3_kSLeN-D6veDeTvQkVYBZxTHk&sai=AMfl-YRRpNuxh1FwA_LVSsVAN9g93g2ecRHWuaQiLSKY_thCMoeQOOAwMs3Z8zqIgSEftL8ZzUcei6w9QuyuG-P66kynGs22wBlI8-RujOepo6n-eK_WIlg5IxsfrUun2A&sig=Cg0ArKJSzH8X5W4Qx_eSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2B71E34D3D430B8FEE24C0D5CABAE3E5
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupxyD7aHam7ywsKncJQePlhSRqJcysEgoNtVduFHo4FiazOKlTAzdvaxHeV1YMcMk0xIEDHT1YBejXDvWlv4fFKpMp_KkEteCQkSwyk6pMUwdo5BakIOedoZJZcnOw1HuTJs4O_UgbjjbGInqda-yGYK6TKjWx-_ttis-ij_XWbzvFi1KQCuV0g80J3L1BOldkk2lWlUZ0yfddQnrZWpf7sYiqDEryOoR0tpK40y0lYHUp1y-DqW14cgCWOE7vrFVOV7nXNimCrLLPk2t-3fWq2Om7wwbITeqp7A-224bkmiF3P3Ik-Kr37EAliGxwLiQqOFGEtYcjS2V0jK2ZV2_Z_GNMyZjYSeheac_EEGyjT6XCGtt_Yirl91ocZg&sai=AMfl-YQ0PSIBTHoJrHtLICq1YbCuCrbOdls7rYnIDMDFDxjKblpO1Z4Gc7rrYeGp0PMzPQXERucWGT2dwcnUQsCEFSATpqs6zxxjyE-gFUg_eT0iBPNGNXdWUSCo37NIEOY&sig=Cg0ArKJSzN0sRL-yjS-CEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3CB33986FBB93CAE108C34C2E9C28000
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 6688C1B0121165AEF7FF5824C091BAC9
Requests: 17 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
Frame ID: 3250C47599612BF4E3C9145F5BC77035
Requests: 4 HTTP requests in this frame

Frame: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Frame ID: 2885C063DC6CC061D01BF0AB48ECD460
Requests: 95 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: BD0DDBB4B237CFD8324AF641D100B31A
Requests: 14 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6
Frame ID: 6C763DEA87DFFAAB05BC7BD05B36ADE5
Requests: 2 HTTP requests in this frame

Frame: https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 7F8B067EA39C57FEA108FE4149502DDA
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPubv5upyIMDFZHtOwIdHT0GTg;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F
Frame ID: 15EA0657D97D614F9D21FE794F1ECE01
Requests: 1 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152
Frame ID: 92273A394D9E94C8F30725EA3EB07D4E
Requests: 2 HTTP requests in this frame

Frame: https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152
Frame ID: 125B989A5B8A05A314B87B595AB83E3B
Requests: 2 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Frame ID: 3AFC56A14D0E7A9C9167A0F16B8D3478
Requests: 10 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: C7548561E9ED369FA90165A4F2C3BF29
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=58e0978e-1071-4ffc-9618-9768253616f8&u_sclid=06441328-3dcd-49b1-b924-0f256af753f8
Frame ID: 59AE97640ABBA230F14B45E5AE6A1EB6
Requests: 1 HTTP requests in this frame

Frame: blob://https://visuals.kaizengaming.com/96f9e4b5-a726-4e7d-a7a3-3f1e98c9c0a7
Frame ID: ABFC25F002618D2B7F9F8A9DAD1741D3
Requests: 1 HTTP requests in this frame

Frame: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Frame ID: 87C036D9F8BF668671B1F195FFAA1D02
Requests: 23 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: 7AAB6C76025D7BFD33A5ACBA1384D5EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CEAA76039B51B97B0822CB2D54E1697
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4556EF13BB91BCC1EDDAB24655DD8596
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Diário do Nordeste - Últimas notícias de Fortaleza, Ceará, Brasil Group 3Group 3Group 3Group 3

Page URL History Show full URLs

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

511
Requests

93 %
HTTPS

55 %
IPv6

54
Domains

97
Subdomains

67
IPs

8
Countries

13898 kB
Transfer

36198 kB
Size

74
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://cleveradvertising.com/

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/acesso-assinante/https://diariodonordeste.verdesmares.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/
Title: Assinar

Search URL Search Domain Scan URL

URL: https://privacidade.geq.com.br/
Title: Portal da privacidade

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste/acesso-assinante/https://diariodonordeste.verdesmares.com.br
Title: Entrar

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/lojadiariodonordeste
Title: Assine

Search URL Search Domain Scan URL

URL: https://diariodigital.verdesmares.com.br/loginAssinante?utm_source=diariodonordeste-home&utm_medium=referral&utm_campaign=conversao_digital

Search URL Search Domain Scan URL

URL: https://assine.diariodonordeste.com.br/
Title: Assinar

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+5585999690752
Title: (85) 99969-0752

Search URL Search Domain Scan URL

URL: https://www.instagram.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diariodonordeste

Search URL Search Domain Scan URL

URL: https://www.twitter.com/diarioonline

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/diariodonordeste

Search URL Search Domain Scan URL

URL: https://midiakit.svm.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://centraldoassinante.diariodonordeste.com.br/
Title: Central do Assinante

Search URL Search Domain Scan URL

URL: https://maximparerurehab.com/f04b78f6-a4d4-4532-8454-2337b084513b
Title: Solar-Vergleich

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariodonordeste-diariodonordeste&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://www.2clicktrk.com/go/a42d57eb-0f80-42a2-875c-fcf2c3815e0f
Title: Deutschlands Kopfkissen Nr. 1

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7a9920f4-d67c-4782-9847-08ce4b0b707e
Title: Deutsche Neuro

Search URL Search Domain Scan URL

URL: https://www.becompliance.com/

Search URL Search Domain Scan URL

URL: https://privacidade.geq.com.br/politica-de-privacidade.php
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://diariodonordeste.verdesmares.com.br/ HTTP 301
https://diariodonordeste.verdesmares.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://sb.scorecardresearch.com/cs/20663921/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 122

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 124

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 126

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 134

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=279987347.1704528962&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=QQyZZcLrOKCa78EPxq6YoAI&sscte=1&crd=&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8FhgNBoq9NnBKyc82u0u3r5CD33onzgXyA&pscrd=EkxDaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVVBWnZ4MjRCeVRUSmp3bTZsNE5sRl85QmVIeUs1Z05SYW5fUTFFVTJmeDNWakEtX0tIGldDaEFJZ0pIa3JBWVFfLXZZbE5MWTF2MFBFaTBBVDFEd1NyQm0xRmZ1Wm5XTnRCUTVJM0MyTXlUWERERHdPSWdRczJHUWNaU3dFRzkxNFJrejRYTXd6RHciEwiCkKSaqciDAxUgzTsCHUYXBiQ HTTP 302
https://www.google.com/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=279987347.1704528962&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVVBWnZ4MjRCeVRUSmp3bTZsNE5sRl85QmVIeUs1Z05SYW5fUTFFVTJmeDNWakEtX0tIGldDaEFJZ0pIa3JBWVFfLXZZbE5MWTF2MFBFaTBBVDFEd1NyQm0xRmZ1Wm5XTnRCUTVJM0MyTXlUWERERHdPSWdRczJHUWNaU3dFRzkxNFJrejRYTXd6RHciEwiCkKSaqciDAxUgzTsCHUYXBiQ&is_vtc=1&ocp_id=QQyZZcLrOKCa78EPxq6YoAI&cid=CAQSKQAvHhf_ceoGRLAYSrrERDRdG0xVKk8bzZo_QrgfWqDY5-Ni6-OZB2fy&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8MxxqXHxXkJiYyjn5S2h2-Yqbsj_Pa14Pg&random=1375013316 HTTP 302
https://www.google.de/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=279987347.1704528962&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVVBWnZ4MjRCeVRUSmp3bTZsNE5sRl85QmVIeUs1Z05SYW5fUTFFVTJmeDNWakEtX0tIGldDaEFJZ0pIa3JBWVFfLXZZbE5MWTF2MFBFaTBBVDFEd1NyQm0xRmZ1Wm5XTnRCUTVJM0MyTXlUWERERHdPSWdRczJHUWNaU3dFRzkxNFJrejRYTXd6RHciEwiCkKSaqciDAxUgzTsCHUYXBiQ&is_vtc=1&ocp_id=QQyZZcLrOKCa78EPxq6YoAI&cid=CAQSKQAvHhf_ceoGRLAYSrrERDRdG0xVKk8bzZo_QrgfWqDY5-Ni6-OZB2fy&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8MxxqXHxXkJiYyjn5S2h2-Yqbsj_Pa14Pg&random=1375013316&ipr=y

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85597320549 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=85597320549&google_gid=CAESEFuYNKr8of-DL3CMu2Mv8lE&google_cver=1

Request Chain 169

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=955c6599-0c42-4c00-9981-797155aa0da3

Request Chain 170

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 321

https://sender.cleverwebserver.com/group/49109?id=798620&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=466705229&tok=33419711310201791433&t=1704528963&cmpId=&fb=0&wl=1&furl=0&sf=0&bw=Q2hyb21l&b=0&m=0&p=V2luMTA%3D&res=1600x1200&app=&iv=-1&ctr=DE&sz=1200&landing=1&hei=360.00&ts=0.134 HTTP 301
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229

Request Chain 335

https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE HTTP 302
https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE&AutoR=1 HTTP 302
https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Request Chain 363

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 372

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 373

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data= HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=RAyZZfWZFvbJ78EPioGniAc&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7Ah2KwAlx HTTP 302
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7Ah2KwAlx&is_vtc=1&ocp_id=RAyZZfWZFvbJ78EPioGniAc&cid=CAQSKQAvHhf_2MmWAY00EEdSBjyqteAAU4Xunyjr9AisFAvhxyLG3FDb-fbo&random=805159610 HTTP 302
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7Ah2KwAlx&is_vtc=1&ocp_id=RAyZZfWZFvbJ78EPioGniAc&cid=CAQSKQAvHhf_2MmWAY00EEdSBjyqteAAU4Xunyjr9AisFAvhxyLG3FDb-fbo&random=805159610&ipr=y

Request Chain 374

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPubv5upyIMDFZHtOwIdHT0GTg;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F

Request Chain 392

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Request Chain 393

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152 HTTP 302
https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Request Chain 450

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 454

https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 301
https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 455

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 497

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&RedC=c.clarity.ms&MXFR=187AE444B48364440044F7BAB0836A56 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&MUID=1668188008C36AE808FF0B7E09116B25

Request Chain 513

https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
https://sync.navdmp.com/sync?prtid=25&sclid=10a22f79-480c-9965-1b09-ed0f1ec14df7

Request Chain 514

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZZkMSAAMcpSnFwBU HTTP 302
https://sync.navdmp.com/sync?prtid=17&tubid=ZZkMSAAMcpSnFwBU&_test=ZZkMSAAMcpSnFwBU

Request Chain 515

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0 HTTP 302
https://sync.navdmp.com/sync?prtid=21&dynid=9000244689617039543

Request Chain 516

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=85597320549?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D HTTP 302
https://sync.navdmp.com/sync?prtid=38&lotid=

Request Chain 520

https://dpm.demdex.net/ibs:dpid=822&dpuuid=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597320549%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597320549%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?id=85597320549&adID=80582435497752200693996765479654130297&img=1

Request Chain 521

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1 HTTP 302
https://sync.navdmp.com/sync?appNx=5146746622001865410&img=1

Request Chain 523

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

511 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
diariodonordeste.verdesmares.com.br/
Redirect Chain

http://diariodonordeste.verdesmares.com.br/
https://diariodonordeste.verdesmares.com.br/

477 KB
22 KB

913ms
461ms

Document
text/html

170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7924ab66537a4c0252d28e30fa2d90409f64e77466ae3693d2c9673f7bf6cc1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
content-type: text/html;charset=utf-8
date: Sat, 06 Jan 2024 08:16:00 GMT
server: gocache
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-cache-rule: YES with ttl: 10.000 /
x-cacheable: YES
x-frame-options: SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br
x-gocache-cachestatus: HIT
x-process: V1

Redirect headers

Connection: keep-alive
Content-Length: 157
Content-Type: text/html
Date: Sat, 06 Jan 2024 08:15:59 GMT
Keep-Alive: timeout=15
Location: https://diariodonordeste.verdesmares.com.br:443/
Server: gocache
X-GoCache-CacheStatus: MISS

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11/ 18 KB
5 KB 74ms
31ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26550
x-jsd-version: 11.0.5
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"4804-9yCb7UhhpXmk+wLPeZGhum72F0M"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62zACTarZCMk8MEeOnFUMrgqbRM7mr4NG8cBsMFwritm05Yjps%2Fb1IaAKyvg3vPh6Gw7wczjfdX6uHvXzv2suhx9CpakwFamcsFT5IUIy7%2F6yhUlmxTvt6t7UZ31V0B8o6tN%2FpZReQ89C5NTHkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84128435d81e39ce-FRA

GET
H2 200 remixicon.css
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/ 120 KB
16 KB 72ms
29ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3298484
x-jsd-version: 3.5.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230091-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1e1f5-48QJs2Ev7WXpvZWlpyTMbKw/aZY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfsyTdwXs3IJcp43znWJxBxbUY7qR8B0AlaiuZ3IlP8nViDaktuuSJlswZvVAqFOsSVz0laLF%2BFhg0Wv72dI6jKzbqVKNHVsu3AvExIBSgJrdGPmUVP4pVOSmvoAa72u2rjo1uFjB8LGWc3Ov74%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84128435d81d39ce-FRA

GET
H2 200 morpheus.css
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/ 122 KB
17 KB 241ms
239ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f926d2eaa1938821474fb891a5c5620ff7b1608c91fa248ba1b0a3488891ea1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 353522
etag: W/"125068-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/css
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 main.css
diariodonordeste.verdesmares.com.br/apps/morpheus/static/styles/ 84 KB
13 KB 235ms
234ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/static/styles/main.css

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4038a2a1b34c21f1acd08f84cb08d341feafc9be8ea2c4596885c1255f3f2bbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/static/styles/main.css
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 760
etag: W/"86192-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/css
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 base.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 2 KB
1 KB 237ms
235ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 90
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/base.css?v=1.0.39
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
etag: W/"2403-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 components.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 119 KB
16 KB 240ms
238ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/components.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: YES
age: 15
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/components.css?v=1.0.39
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
x-process: V2
etag: W/"121759-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 light.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 334 B
887 B 240ms
239ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/light.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
x-cacheable: YES
age: 10
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/themes/light.css?v=1.0.39
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
x-process: V2
etag: W/"334-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 diario.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 14 KB
2 KB 459ms
458ms Stylesheet
text/css 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/diario.css?v=1.0.39

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2f9dfe3bc1c7da5c87b21ccc2e81cce4e37e1cca9f085d70d8682747219e18bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 54
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /static/assets/styles/themes/diario.css?v=1.0.39
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
etag: W/"14514-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/css
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 328 KB
105 KB 95ms
38ms Script
text/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=0ab6c141-e658-4d74-a27f-53f691e4dab0
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a4e39d50f327270714dcd7f18f54b57a03fc26189befc99da628449c5355017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39795
cf-polished: origSize=335929
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
cf-bgj: minify
last-modified: Fri, 05 Jan 2024 21:12:45 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhszfFwkivIU5ecxgNEcr52R%2BVlzHP0FleA7WMmhl0OBew0ryyDHFDeLwvv76yGskvMNeOKrYf%2BLD37i7hLKCkI%2F4FD9ApQ%2FFPIRHh1jtRgvZSWinmWGDqZdSa4LriQP%2B1IFi3phu4KlzOyc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 84128435ed965d96-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 188ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42586418372ab46eed4fd53154766fb5ebade0afea824d47f882eae085a2ee7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29039
x-xss-protection: 0
server: cafe
etag: 721 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 08:16:01 GMT

GET
H2 200 p_googletag.js Show response
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 2 KB
2 KB 460ms
459ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/scripts/p_googletag.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /static/assets/scripts/p_googletag.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 91
etag: W/"2534-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
33 KB 121ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 06 Jan 2024 08:16:01 GMT

GET
H2 200 187307e1-8c37-4991-9aaa-71c2299dcc50.js Show response
cdn.pn.vg/sites/ 3 KB
2 KB 83ms
29ms Script
text/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913e8863b4a9fdd1dc408e358b7fa24cf3ce14d5b08eb9f0f91728a08440f0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 1086
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 17 Jan 2023 12:26:03 GMT
server: cloudflare
etag: W/"a63336097f4b5fb1a431c9a971f6ef1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEuIc%2FDg0yidD2JrbFQkYmiz5l8WENUj9ZEgunvBwSixSgu2lHutARDN0dxlMty1gL%2B5xoUaHfpdcC2q51ChMhyj93XieQ1aVArzTQeD9WdTkhPF%2BJWgES9fehI7kmIhGVaSLqB4%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8412843a9a1036e0-FRA
x-amz-cf-id: wt6qFAjVJs5DPcOqQ6Fc653rGHB-DdJztA0fFUbq5OpmSaN_Y6xeUA==

GET
H2 200 white.svg
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/ 6 KB
3 KB 461ms
460ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/white.svg

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f32b140b03828c62df3172e04064f5224d1903f6b45ef970e71e87d345b485c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/diario-do-nordeste/static/brand/white.svg
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 776
etag: W/"6144-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: image/svg+xml
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 accent.svg
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/ 6 KB
3 KB 681ms
680ms Image
image/svg+xml 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/brand/accent.svg

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

ea92e1dfe7b0bad34df752ab0a7d7c65896679b908e3b95e81fc88a52bd49fa8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/diario-do-nordeste/static/brand/accent.svg
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 1420
etag: W/"6188-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: image/svg+xml
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 EG%C3%8DDIO-SERPA-2.png
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1685967456/ 44 KB
45 KB 467ms
460ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1685967456/EG%C3%8DDIO-SERPA-2.png?f=1x1&$p$f=0ee3834

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

270014f86c9f5d70a4c39e74f1e16c3209ff44dc0737ae0aea02762bbc182be4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 1977
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 800
x-original-image-height: 800
x-rendered-image-height: 546
content-length: 44888
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181665:1685967456/EG%C3%8DDIO-SERPA-2.png?f=1x1&$p$f=0ee3834
server: gocache
etag: W/"policy:1.3181665:1685967456"
x-rendered-image-width: 546
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Sem-T%C3%ADtulo-1.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/ 69 KB
70 KB 597ms
590ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 1874
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 850
x-original-image-height: 850
x-rendered-image-height: 850
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88
server: gocache
etag: W/"policy:1.3181853:1642509659"
x-rendered-image-width: 850
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Victor_2_Easy-Resize.com.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/ 57 KB
58 KB 374ms
367ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 273
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 1155
x-original-image-height: 1280
x-rendered-image-height: 816
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85
server: gocache
etag: W/"policy:1.3256523:1658161357"
x-rendered-image-width: 815
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Andr%C3%A9%20Almeida.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/ 33 KB
34 KB 470ms
464ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 800
x-original-image-height: 1200
x-rendered-image-height: 603
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.2949549:1632957008/Andr%C3%A9%20Almeida.jpg?f=1x1&$p$f=3497731
server: gocache
etag: W/"policy:1.2949549:1632957008"
x-rendered-image-width: 603
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/ 31 KB
32 KB 467ms
461ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649
strict-transport-security: max-age=31536000; includeSubDomains
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 785
etag: W/"policy:1.3296069:1668275353"
x-rendered-image-width: 569
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-original-image-width: 853
content-type: image/jpeg
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-height: 1280
x-rendered-image-height: 569

GET
H2 200 Ingrid%20Coelho%20Site.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/ 25 KB
26 KB 470ms
463ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

957b54331affe2dc8fdc71f7638304da5e4152973d21c7c35d9f59d1252cd8f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 444
x-original-image-height: 715
x-rendered-image-height: 443
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3364998:1683220475/Ingrid%20Coelho%20Site.jpg?f=1x1&$p$f=f15a4ec
server: gocache
etag: W/"policy:1.3364998:1683220475"
x-rendered-image-width: 443
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Igor%20Pires.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/ 56 KB
57 KB 467ms
461ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 3776
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 813
x-original-image-height: 1280
x-rendered-image-height: 814
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751
server: gocache
etag: W/"policy:1.3260534:1658925367"
x-rendered-image-width: 813
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Paulo%20Angelim-colunista_-site.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3440600:1699449095/ 92 KB
93 KB 467ms
461ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3440600:1699449095/Paulo%20Angelim-colunista_-site.jpg?f=1x1&$p$f=cb2e3c3

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a1305f35e96334c2735a13c26771db6e89d5ba273af5d4ebdbfbf517d52b6a33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1126
x-original-image-height: 1280
x-rendered-image-height: 1126
content-length: 93744
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3440600:1699449095/Paulo%20Angelim-colunista_-site.jpg?f=1x1&$p$f=cb2e3c3
server: gocache
etag: W/"policy:1.3440600:1699449095"
x-rendered-image-width: 1126
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/ 31 KB
32 KB 469ms
463ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 2692
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 800
x-original-image-height: 653
x-rendered-image-height: 495
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c
server: gocache
etag: W/"policy:1.3184465:1643113284"
x-rendered-image-width: 495
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 jeritza.png
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3391608:1689094815/ 79 KB
80 KB 468ms
461ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3391608:1689094815/jeritza.png?f=1x1&$p$f=3f48bf4

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

adb50f96bb5a48e2ef0fb797794458292ac375857dbb50238b51e354dd3c1760

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 2017
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 689
x-original-image-height: 728
x-rendered-image-height: 689
content-length: 80916
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3391608:1689094815/jeritza.png?f=1x1&$p$f=3f48bf4
server: gocache
etag: W/"policy:1.3391608:1689094815"
x-rendered-image-width: 689
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Maria%20Camila%20Moura%20(1).jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3270885:1661369825/ 26 KB
26 KB 596ms
590ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3270885:1661369825/Maria%20Camila%20Moura%20(1).jpg?f=1x1&$p$f=b751315

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6914bba20ecb857f03498d896f3429d786f29d8839f28275c5f0eaefb1fa31ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 667
x-original-image-height: 1000
x-rendered-image-height: 667
content-length: 26124
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3270885:1661369825/Maria%20Camila%20Moura%20(1).jpg?f=1x1&$p$f=b751315
server: gocache
etag: W/"policy:1.3270885:1661369825"
x-rendered-image-width: 667
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Delania%20Santos%20PB_Easy-Resize.com.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1688419883/ 98 KB
99 KB 468ms
462ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1688419883/Delania%20Santos%20PB_Easy-Resize.com.jpg?f=1x1&$p$f=e95f53d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

36480d8320f3027e1959409b9618093a71366fafdbd8481f2fa570f30e8680a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 1109
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 1200
x-original-image-height: 1280
x-rendered-image-height: 1200
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3272895:1688419883/Delania%20Santos%20PB_Easy-Resize.com.jpg?f=1x1&$p$f=e95f53d
server: gocache
etag: W/"policy:1.3272895:1688419883"
x-rendered-image-width: 1200
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/ 19 KB
20 KB 596ms
590ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 2155
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 853
x-original-image-height: 1280
x-rendered-image-height: 481
content-length: 19878
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a
server: gocache
etag: W/"policy:1.3180647:1642166599"
x-rendered-image-width: 481
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 Haley.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463691:1704497152/ 14 KB
15 KB 445ms
445ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463691:1704497152/Haley.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=d97c2ba

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

73711581a64e5153e1d6dc83d5ab9c59190279073cc32274ea9f85d1dbeaf943

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 1874
x-original-image-height: 822
x-rendered-image-height: 314
content-length: 14498
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463691:1704497152/Haley.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=d97c2ba
server: gocache
etag: W/"policy:1.3463691:1704497152"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 colac-o-unifor.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463723:1704505671/ 23 KB
24 KB 471ms
463ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463723:1704505671/colac-o-unifor.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e998758

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c7add74cb2fd22974fbf7676913f045af43dc852adff61022172deb587b3e539

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 3
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463723:1704505671/colac-o-unifor.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e998758
server: gocache
etag: W/"policy:1.3463723:1704505671"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 BBB-24.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463369:1704459565/ 36 KB
36 KB 246ms
238ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463369:1704459565/BBB-24.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=976a2a7

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

050125150d4fde5f0db366518c41e3f2226be0957f3078037bdb6785f1165b54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 921
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463369:1704459565/BBB-24.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=976a2a7
server: gocache
etag: W/"policy:1.3463369:1704459565"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 castro.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463698:1704498338/ 33 KB
34 KB 468ms
463ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463698:1704498338/castro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=0cb93ff

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f494f275bce4fd4dee8ab566084a9c551759aeea03d29469be6fc5747183d4bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 756
x-original-image-height: 504
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463698:1704498338/castro.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=0cb93ff
server: gocache
etag: W/"policy:1.3463698:1704498338"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 wanessa-e-filhos.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463726:1704507587/ 30 KB
31 KB 467ms
462ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463726:1704507587/wanessa-e-filhos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=24158a0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

410ad554317ffeddb3df5c2a550c2b315881de9b01aa8f77f5d8081fef722cbf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1080
x-original-image-height: 1350
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463726:1704507587/wanessa-e-filhos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=24158a0
server: gocache
etag: W/"policy:1.3463726:1704507587"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 trump.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3457757:1703034099/ 19 KB
20 KB 468ms
462ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3457757:1703034099/trump.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ec7baff

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

69c5f856d15a613a74c211ca54dbaffe3ecd6b56fde61a0a73a81b7d9be49974

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1024
x-original-image-height: 682
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3457757:1703034099/trump.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ec7baff
server: gocache
etag: W/"policy:1.3457757:1703034099"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 vanessa-lopes.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463679:1704494487/ 33 KB
34 KB 1883ms
297ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463679:1704494487/vanessa-lopes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b4ef2e3

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7824eb42d6c442d4ab27c624e009fa731b268639c6571d2c8bf36b8e76a1e216

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 1000
x-original-image-height: 1250
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463679:1704494487/vanessa-lopes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b4ef2e3
server: gocache
etag: W/"policy:1.3463679:1704494487"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 mc-bin-laden.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463662:1704489612/ 21 KB
22 KB 1895ms
306ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463662:1704489612/mc-bin-laden.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f261c2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

987c8ef99ecc722fe3927bac67f2eae84ddd47944191fd354de09dc73a677c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 131
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 1080
x-original-image-height: 1349
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463662:1704489612/mc-bin-laden.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f261c2
server: gocache
etag: W/"policy:1.3463662:1704489612"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Hickmann.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463638:1704485532/ 19 KB
20 KB 1937ms
347ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463638:1704485532/Hickmann.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e4692fe

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cad9bc6527b72257d887e2f6cb68247261691695c0b8f1f03157f9a693c2ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 888
x-original-image-height: 603
x-rendered-image-height: 314
content-length: 19242
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463638:1704485532/Hickmann.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e4692fe
server: gocache
etag: W/"policy:1.3463638:1704485532"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Luan.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463477:1704476253/ 28 KB
29 KB 1716ms
446ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463477:1704476253/Luan.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f623e9d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c4fd5da88e6a307d3c80675b203e95f9d92bd3d1772f4a341acc6d57605f7e82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 440
x-original-image-height: 1024
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463477:1704476253/Luan.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f623e9d
server: gocache
etag: W/"policy:1.3463477:1704476253"
x-rendered-image-width: 417
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Caio-Alexandre-meia-Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3346493:1704469123/ 28 KB
29 KB 1717ms
406ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3346493:1704469123/Caio-Alexandre-meia-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=66118ac

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b34bae971348ff69541a08b66598c078cf3cd023e8b45762654ea24cffd7445c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 800
x-original-image-height: 533
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3346493:1704469123/Caio-Alexandre-meia-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=66118ac
server: gocache
etag: W/"policy:1.3346493:1704469123"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Reveillon-2024.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463119:1704456846/ 33 KB
34 KB 1717ms
357ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463119:1704456846/Reveillon-2024.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=70d2e13

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

004faa933546e8b32fa2563c5c180b980dde2d81247683d8d14d4ee66969f188

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 1000
x-original-image-height: 666
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463119:1704456846/Reveillon-2024.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=70d2e13
server: gocache
etag: W/"policy:1.3463119:1704456846"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Danilo-de-Campos.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463438:1704467160/ 12 KB
13 KB 1767ms
280ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463438:1704467160/Danilo-de-Campos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9dc9b10

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

dffa82fae402fa358344642ea93e4401ff99760fa93eaa676ae31fb6b703e2f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 600
x-original-image-height: 600
x-rendered-image-height: 314
content-length: 12020
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463438:1704467160/Danilo-de-Campos.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9dc9b10
server: gocache
etag: W/"policy:1.3463438:1704467160"
x-rendered-image-width: 417
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Negueba.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463708:1704500706/ 31 KB
32 KB 1808ms
321ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463708:1704500706/Negueba.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=cd5e881

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

56f1771460ce21136cc8f9fb9c00c1d43b755edd5197e1f55f2b0e9780c1e3c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 5
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: HIT
x-original-image-width: 1080
x-original-image-height: 1350
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463708:1704500706/Negueba.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=cd5e881
server: gocache
etag: W/"policy:1.3463708:1704500706"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 vozao.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463674:1704492034/ 38 KB
39 KB 1734ms
243ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463674:1704492034/vozao.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6471546

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

41f23834d77768418c29a6e4578dc5fe673e053d0341e8d1ad2074f764bd208d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 3
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463674:1704492034/vozao.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=6471546
server: gocache
etag: W/"policy:1.3463674:1704492034"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 JO.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463609:1704481976/ 26 KB
27 KB 1787ms
296ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463609:1704481976/JO.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ef10abe

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

779a231769d09869c9ff4c8127c40f64189de7b1dd3b0fa70130b3f02dc6c37a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: REVALIDATED, EXPIRED
x-cache: MISS
x-original-image-width: 984
x-original-image-height: 656
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463609:1704481976/JO.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ef10abe
server: gocache
etag: W/"policy:1.3463609:1704481976"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Recalde.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463572:1704480297/ 20 KB
21 KB 1040ms
571ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463572:1704480297/Recalde.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2731b8e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7deda1c39954d6f7cfd176868e6558aaaa6f941d0a118be674d30c04fb443ae9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463572:1704480297/Recalde.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=2731b8e
server: gocache
etag: W/"policy:1.3463572:1704480297"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Policia.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463704:1704499859/ 22 KB
22 KB 1133ms
540ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463704:1704499859/Policia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4dbef76

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

abbd6d5f068aae28bebddc2ff1ac767a61094c668f3472fb4a82104889b00938

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1024
x-original-image-height: 683
x-rendered-image-height: 314
content-length: 22116
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463704:1704499859/Policia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4dbef76
server: gocache
etag: W/"policy:1.3463704:1704499859"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Ana-Paula-Arosio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463632:1704484670/ 22 KB
23 KB 1134ms
536ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463632:1704484670/Ana-Paula-Arosio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=47b641d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d88ed7f285ad93601c7c1a42a3089295e46a73ad65affe1f34f000924621376b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 600
x-original-image-height: 450
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463632:1704484670/Ana-Paula-Arosio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=47b641d
server: gocache
etag: W/"policy:1.3463632:1704484670"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 diniz.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463640:1704485758/ 17 KB
18 KB 1134ms
537ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463640:1704485758/diniz.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3bd1d9d

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

de0ac645206f74dd9197dad7e0d7c30eb5b59a7183108b197b22c3277a1d5d26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 674
x-original-image-height: 450
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463640:1704485758/diniz.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3bd1d9d
server: gocache
etag: W/"policy:1.3463640:1704485758"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 A-Viagem.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463444:1704468492/ 27 KB
27 KB 1134ms
447ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463444:1704468492/A-Viagem.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8cd0e89

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cc39dce33b537a2de2ec395aac9062ac88ced3a39a13d038b9410b80bd7990db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 620
x-original-image-height: 420
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463444:1704468492/A-Viagem.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8cd0e89
server: gocache
etag: W/"policy:1.3463444:1704468492"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Delegacia.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463565:1704480062/ 26 KB
27 KB 1135ms
448ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463565:1704480062/Delegacia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b70febc

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5d75e6b6bc5bbfa6fa2afd985daae315db41763f30c3981aae7958a3437e1988

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 100
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 960
x-original-image-height: 540
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463565:1704480062/Delegacia.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b70febc
server: gocache
etag: W/"policy:1.3463565:1704480062"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Presidio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463388:1704461797/ 19 KB
20 KB 1135ms
442ms Image
image/webp 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463388:1704461797/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d2230c7695f96fbffa2a8e1711c582e3dcb6e136bac033dc98704b82164302b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: optimized
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 720
x-rendered-image-height: 314
content-length: 19328
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463388:1704461797/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e
server: gocache
etag: W/"policy:1.3463388:1704461797"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/webp
cache-control: max-age=1296000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Frio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463416:1704463528/ 30 KB
31 KB 1263ms
447ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463416:1704463528/Frio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9c36109

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3d2162445b314f8b5187e9aab513f7f65b8a6f1ae2c911ad812a66b66e9d8975

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 42
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 1024
x-original-image-height: 682
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463416:1704463528/Frio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9c36109
server: gocache
etag: W/"policy:1.3463416:1704463528"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 Luiz-Menezes.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463398:1704462211/ 28 KB
29 KB 1711ms
443ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463398:1704462211/Luiz-Menezes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f67097c

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a04cd7a62992df85368e1b445cdd555b394779dd4242e14877cfba103d0bcff0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1280
x-original-image-height: 853
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463398:1704462211/Luiz-Menezes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=f67097c
server: gocache
etag: W/"policy:1.3463398:1704462211"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Menina-Pimenta.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463313:1704452538/ 27 KB
28 KB 1711ms
442ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463313:1704452538/Menina-Pimenta.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=46fc391

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3b34383246d1feb438171b37cc5e2dce02114953d3a9749952980c10566321ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1016
x-original-image-height: 502
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463313:1704452538/Menina-Pimenta.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=46fc391
server: gocache
etag: W/"policy:1.3463313:1704452538"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3460575:1703772024/ 28 KB
29 KB 1712ms
443ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3460575:1703772024/Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=bd3df5e

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

05c7441247d8f700e8d12fa47d6b88f7e028ef9b28bc9549e713c854ba3add81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 11
x-gocache-cachestatus: HIT
x-cache: HIT
x-original-image-width: 1600
x-original-image-height: 1066
x-rendered-image-height: 314
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3460575:1703772024/Futura-unidade-do-Grupo-Mateus-na-Aldeota.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=bd3df5e
server: gocache
etag: W/"policy:1.3460575:1703772024"
x-rendered-image-width: 418
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ 94 KB
33 KB 70ms
21ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9625164
x-cache: MISS, HIT
content-length: 33357
x-served-by: cache-lga21931-LGA, cache-fra-etou8220086-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704528962.695165,VS0,VE0
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 9768

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 70ms
20ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9625166
x-cache: HIT, HIT
content-length: 3063
x-served-by: cache-lga21931-LGA, cache-fra-etou8220086-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704528962.695112,VS0,VE0
etag: W/"28feccc0-1c1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 10761

GET
H2 200 com.atex.gong.paywall.membership.js Show response
diariodonordeste.verdesmares.com.br/js/ 6 KB
2 KB 374ms
366ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/js/com.atex.gong.paywall.membership.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

494ef673cae9df9d1c8e677e6c24c99241f709a9ef150373687ad20d18500881

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /js/com.atex.gong.paywall.membership.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 493
etag: W/"5908-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 index.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/vanilla/dist/ 136 KB
35 KB 680ms
680ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/vanilla/dist/index.js?v=1.56.0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7e8af219d39c1874b3743a3f2ff3670b764b3733db2391be86f284575562a1e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
x-cacheable: NO
server: gocache
age: 0
etag: W/"139761-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: MISS
content-type: text/javascript
x-gocache-cachestatus: REVALIDATED
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 index.js Show response
diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/scripts/ 13 KB
4 KB 681ms
680ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/diario-do-nordeste/static/scripts/index.js?v=0.5.0

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

68d5359f369dbe89ab3504391fccf4e3dc534abebe4431d8e105833d2ad36165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: YES
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 6
x-gocache-cachestatus: HIT
x-cache: HIT
x-cache-rule: YES with ttl: 10.000 /apps/diario-do-nordeste/static/scripts/index.js?v=0.5.0
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
etag: W/"13283-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: text/javascript
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 web-components.esm.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 5 KB
2 KB 903ms
903ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/web-components.esm.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

174311aeecbe9b3ac728199fefbf349859785250c49c45951b6f3b180668c4ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/web-components.esm.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 21 Dec 2023 03:56:46 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 984
etag: W/"5055-1703131006000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 CAPA%20050124.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/ 41 KB
42 KB 1712ms
444ms Image
image/jpeg 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-gocache-image: unmodified
age: 0
x-gocache-cachestatus: HIT
x-cache: MISS
x-original-image-width: 1094
x-original-image-height: 1600
x-rendered-image-height: 496
x-cache-rule: YES with ttl: 3600.000 /image/contentid/policy:1.3463729:1704509731/CAPA%20050124.jpeg?h=496&w=340&$p$h$w=478a53b
server: gocache
etag: W/"policy:1.3463729:1704509731"
x-rendered-image-width: 339
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type: image/jpeg
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 123ms
42ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1805
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8412843ad9ce9067-FRA
expires: Sat, 06 Jan 2024 08:45:55 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/ 376 KB
52 KB 69ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c088c360f079039bda4967beba79b1caaf126da534ac7f7e2b6baf34acdf263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fJdyxCBrErH1RZDfcR904ZMOZCDUjJv1
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:01 GMT
x-amz-request-id: 2ART05SZHJJ3H955
age: 47
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 52517
x-amz-id-2: 63gHVY01E9ddhq0QppvREcSeZ5iQuVhX20ReXPMia5GInGuFPBQdx2YEUI/VI4O0SVIW2JuG4Hw=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:44:42 GMT
server: AmazonS3
x-timer: S1704528962.698266,VS0,VE1
etag: "8735a00148a5f70e6dd8634dfad535f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 98
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
97 KB 93ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0a0436aa0d474bb9cfaa49ab617b635f6ccf57e6815d3ad350bfd427268af0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98958
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 08:16:01 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/diariodonordeste-diariodonordeste/ 60 KB
18 KB 81ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33b9412580991bedd119a35b9cdeade7f98aa46f1e30cc8cf3c107b60c44aed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:01 GMT
x-amz-request-id: 89T45T47NPN1QMFZ
age: 47
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17547
x-amz-id-2: N+eN+Kiz9fmbrQpA5j+R8dDPeFxQK8MwoxsrP7ezWZZLoe1zpCPFHb4QemUp6PYg4r145S9zxiw=
x-served-by: cache-fra-etou8220025-FRA
last-modified: Thu, 03 Aug 2023 20:34:47 GMT
server: AmazonS3
x-timer: S1704528962.711305,VS0,VE2
etag: "d89efb7d8e608969a82595f2f3a2ea49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 QapS58_46_U Show response
www.youtube.com/embed/ Frame F015 92 KB
39 KB 151ms
82ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

837ee9aaba71278b67b61dcd736521ed2e3f1595b607f62b6c3c709ba261d35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OsCp2pYT2_A Show response
www.youtube.com/embed/ Frame 84C0 93 KB
41 KB 142ms
73ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

316d109b2e29015436e85e9b265d4259d42d0abf661d3268db746f4a8493a5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2pR204OZkqw Show response
www.youtube.com/embed/ Frame DB8C 93 KB
40 KB 182ms
114ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5471308ad1a101670136d6ac7024729d228d6b9d965329b9c2b5657068ba4011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 remixicon.woff2
cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/ 140 KB
141 KB 55ms
31ms Font
font/woff2 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.woff2?t=1690730386070

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0d0b7e5101a1b8a54268b9188da520d19d74df9b35714a8ddb5987fad990591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/remixicon@3.5.0/fonts/remixicon.css
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3291463
x-jsd-version: 3.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143720
x-served-by: cache-fra-eddf8230045-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"23168-v1UW3MYZ+EWM8MIIc0fjGC2QYss"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlZs8vPyQLx76BV%2B1ZiZzse32rVZ6MGms%2FJBVuIOO3z5iiIiHBuR4OAJ24eePsznNP7ScAwyFePtsTl7IPqbEB2gm6HjYF1%2FtpKF%2FxdyattY2DNr5%2BpoFRdsGbjkBSuph2a71RwIlWTJO%2FUOaUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8412843a8a3437d1-FRA

GET
H2 200 RobotoCondensed-Bold.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/ 15 KB
16 KB 581ms
438ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Bold.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8f428971557af529ec0843e025e70f8e642859b4fed2f2cf0134f16f97bf6910

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Bold.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 353572
etag: W/"15640-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 RobotoCondensed-Regular.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/ 15 KB
16 KB 581ms
438ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Regular.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

437c424ae2c33178b013590e4fc99f8584edc9893d9276067ef9f9c774d68f9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/RobotoCondensed/RobotoCondensed-Regular.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 353562
etag: W/"15720-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 ArdinaText-Bold.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ 19 KB
20 KB 581ms
438ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Bold.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Bold.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 353496
etag: W/"19260-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:01 GMT

GET
H2 200 icofont.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/ 525 KB
527 KB 677ms
534ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/icofont.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-cache-rule: YES with ttl: 3600.000 /static/assets/fonts/icofont/icofont.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 3394
etag: W/"537868-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 ArdinaText-Medium.woff2
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ 19 KB
19 KB 804ms
445ms Font
text/html 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Medium.woff2

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/styles/morpheus.css?v=1.0.39
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-cache-rule: YES with ttl: 2592000.000 /css/diario/assets/morpheus/fonts/ArdinaText/ArdinaText-Medium.woff2
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 353484
etag: W/"19032-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/html;charset=utf-8
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 237 KB
63 KB 33ms
33ms Script
application/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 76
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 05 Jan 2024 20:13:36 GMT
server: cloudflare
etag: W/"4c1401c852c2c2cc476f10fe6fc44c9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F%2B6ottgP1JyenfZqjiYbfE7O8R8hdrDW1QSKIPk8vuxbJ6D8u96ojNhelOYf1xjhD7uMVYmlm%2FkkJSOiN5vvMeFv4hJHBTVAviQp6xTCyzR3kJWISbxeC1U%2BdML6ThAPuyqHSsvjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8412843aca2e36e0-FRA
x-amz-cf-id: elcSKKAv5JhDpUoJ1dx6bmBfonVbKdykL9dRBfo_lUM8DYrgHV4_aA==

GET
H2 200 load.js Show response
pm-widget.taboola.com/diariodonordeste-diariodonordeste/ 3 KB
1 KB 56ms
52ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af6d94040de81bc27c76495dc92561955e86639b6ed7923c1ea4b08b9f235892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: bkH1kQGAPSAYA_41mibKtE4DXOd5bIYd
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:01 GMT
x-amz-request-id: VYN952JYEWBTMKTS
age: 1417
x-cache: HIT
content-length: 1173
x-amz-id-2: HVhx/bU8Fi/F7luuuMRm+hNGOOk0xCVzTVqWxntMxiRQbbkpHlP0e6u5Hbu3qOpbuYbPLstdfOc=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Fri, 29 Sep 2023 10:44:20 GMT
server: AmazonS3
x-timer: S1704528962.765766,VS0,VE1
etag: "3f1b76f3bde3baa4a0887f571d8c7fd1"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20240104-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 833 KB
173 KB 21ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: wgSKbKxiT2.bVgTpAIeE4skihedLcyMc
content-encoding: br
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:01 GMT
x-amz-request-id: 6G041TYX4PGD5MJ7
age: 19674
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 176440
x-amz-id-2: cqOS2auUmW77R3KIsj+h+zLPwsD3nPiSui82wKyYcOw+qJFxa3/4KHcsCFp2MpEkGfDrsPK4BFM=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 10:40:18 GMT
server: AmazonS3-br
x-timer: S1704528962.764978,VS0,VE0
etag: "5d1a26d82acd8ece5d0bca4d478ba6c9"
vary: Accept-Encoding
content-type: application/javascript
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 27715

GET
H2 200 82438 Show response
tag.navdmp.com/u/ 500 B
507 B 162ms
162ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/82438
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 25 May 2022 11:58:12 GMT
server: cloudflare
etag: W/"628e19d4-1f4"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8412843b19e99067-FRA
expires: Sat, 06 Jan 2024 09:16:01 GMT

GET
H2 200 pushnews-sw.js Show response
diariodonordeste.verdesmares.com.br/ 95 B
803 B 545ms
535ms Fetch
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-cache-rule: YES with ttl: 3600.000 /pushnews-sw.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Jul 2023 18:41:10 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 68
etag: W/"95-1690224070000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 132 B
229 B 215ms
30ms Script
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/get-action?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=149606455803278111&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 86d7042ac9fa4c20b28568cfd9a87e6d428c6f2aa21a0346c8ab51b887f23b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220038-FRA
tbl-x-upstream: 10.45.40.105:80
date: Sat, 06 Jan 2024 08:16:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1704528962.986628,VS0,VE11
x-cache: MISS
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame F015 358 KB
47 KB 32ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 84C0 358 KB
46 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F015 15 KB
16 KB 73ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F015 15 KB
15 KB 78ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84C0 15 KB
15 KB 95ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84C0 15 KB
15 KB 101ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 52 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 84C0 322 KB
96 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 2 MB
771 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 156 KB
45 KB 163ms
64ms Script
application/javascript 2606:4700:3033::ac43:9fa2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 60
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45824
x-response-time: 1ms
last-modified: Sat, 06 Jan 2024 08:15:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8412843c29666fac-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a82ecc21c6a4028efec42895f0720260452979e0f5dff2fa24f2b7ec982d3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 08:16:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
22ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 07:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3216
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 06 Jan 2024 09:22:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 08:16:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: mIe+7rHwOmc1h8ZV9NepnRQc39HSlpe+z8cqBYBUu3yjhb24oLsR7j4/dcwOS9kCYqUJuDJCLXypFHef0sbT5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/ 3 KB
2 KB 108ms
60ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=1704528961829&cv=11&fst=1704528961829&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&auid=279987347.1704528962&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a6c12c83fffe29c044e850a40049dac7929d3e1a63531d4f8577532844ac6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1008543156/ 3 KB
2 KB 133ms
60ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1008543156/?random=1704528961831&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&bttype=purchase&auid=279987347.1704528962&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

418bf2148df3ca2470fc7c285de7f0dc54877530d4ed69843d8e37feb93df985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/20663921/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

22ms
22ms

Script
application/javascript

13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:03:29 GMT
content-encoding: gzip
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5990
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 73IBSwZFLc4gaiJnbX7dDEX7vyJYgcdjUcfW-0TEkQ-aKbsqMKEQ1w==

Redirect headers

date: Sat, 06 Jan 2024 08:16:01 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 0LJOmNR8js5dGIDoFTwY11NXLcXqfDsHOPg3EASV3e2OVR9FyFxQTw==

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 52 KB
16 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame F015 322 KB
96 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 2 MB
771 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 0
228 B 171ms
29ms Image
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/notify-impression?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=149606455803278111&page.template=home&page.dashboard=home
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220038-FRA
tbl-x-upstream: 10.45.4.241:80
date: Sat, 06 Jan 2024 08:16:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1704528962.986520,VS0,VE10
x-cache: MISS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame DB8C 358 KB
46 KB 64ms
64ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 52 KB
16 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame DB8C 322 KB
96 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 2 MB
771 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
303 B 107ms
34ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 267922
expires: 60

GET
H2 200 json Show response
trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/ 40 KB
11 KB 821ms
806ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/json?tim=09%3A16%3A01.903&lti=deflated&data=%7B%22id%22%3A8%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704368680019%2C%22vi%22%3A1704528961901%2C%22cv%22%3A%2220240104-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9307%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a-home%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A9275.203125%2C%22mw%22%3A1248%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a-home%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe194ee11d11bf375746aa8ea0ac85392fecda94bbde316ba41df049103b2a59

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 787
date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.625625
x-fastly-to-nlb-rtt: 7265
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220038-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704528962.927406,VS0,VE787
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB8C 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB8C 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/diariodonordeste-diariodonordeste/ 79 KB
22 KB 69ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/diariodonordeste-diariodonordeste/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85d47174e25b459f63b552a828429a8fdfc0c0f92c9506098ca5e3685b9d7ed0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: pSbDLMfkakxCvOMNDWiYBlgszh1UGlZr
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:01 GMT
x-amz-request-id: 9ZN9G3XWH5KXFX43
age: 173047
x-cache: HIT
content-length: 22194
x-amz-id-2: +rN46Tbl1spTR+r+x9AnsPSE8ifBQ1DUnBm/ZyLD6cWiOky+V5NvpaftMciPnItNEmUD9NNXZIU=
x-served-by: cache-fra-eddf8230107-FRA
last-modified: Fri, 29 Sep 2023 10:44:19 GMT
server: AmazonS3
x-timer: S1704528962.987113,VS0,VE0
etag: "d7fcc5be7a092b7e78615ca8b1975441"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 32

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
260 B 141ms
31ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 11:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74628
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 Jan 2025 11:32:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
222 B 29ms
29ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=249999724&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1670248417&gjid=2474971&cid=715184042.1704528962&tid=UA-41498495-1&_gid=296939820.1704528962&_r=1&_slc=1&gtm=45He4130n715XXKK2v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1958390149

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
267 B 77ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=45je4130v871351496z871506129&_p=1704528961635&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=715184042.1704528962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704528961&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_ss=1&tfd=3485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 88ms
30ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3DESQCJNQ5&cid=715184042.1704528962&gtm=45je4130v871351496z871506129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3DESQCJNQ5&cid=715184042.1704528962&gtm=45je4130v871351496z871506129&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1567762802

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 842108531251252 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 147ms
146ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/842108531251252?v=2.9.139&r=stable&domain=diariodonordeste.verdesmares.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8df4928a6d83ecb898c23be4498546932ca8866f2f6d5d4507d708d996432427

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 08:16:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: c6WFwbUa7qVtuvXegGDcTJWPTCJd5LIIxWSJ/Eizte2pDfqK86WxvXYoRRm+bwaXOWowLWWXWb9g/OLW05vttA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
475 B 188ms
178ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=82438&u=1&new=1&wst=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1174bc478c9b4cb09057c396593697ffb86269deae828756c09f96835d7487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8412843caacc9067-FRA
expires: Sat, 06 Jan 2024 09:16:02 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1008543156/ 42 B
455 B 80ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008543156/?random=1704528961829&cv=11&fst=1704528000000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_SUcqQ198fC4rurF9Y3FU-O1vYfOUqQ&random=1527430492&rmt_tld=0&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1008543156/ 42 B
154 B 65ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008543156/?random=1704528961829&cv=11&fst=1704528000000&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_SUcqQ198fC4rurF9Y3FU-O1vYfOUqQ&random=1527430492&rmt_tld=1&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
362 B 57ms
29ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41498495-1&cid=715184042.1704528962&jid=1670248417&gjid=2474971&_gid=296939820.1704528962&_u=YEBAAEAAAAAAACAAI~&z=1653357314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F015
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

29ms
29ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb78163521beea3e3fb6de4db8a372aa54ca8802059320c05c851439b9a22058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F015 29 B
495 B 70ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 84C0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

31ms
31ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c52aa6e62e0a6d916f3e2e9204370a95d04df4f9f5b56441b26e27210b7d7ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 84C0 29 B
89 B 63ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DB8C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

29ms
29ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae48bd9ebc12cc04ab966589cbae4d4b8297f5a8e809480653aabe7decca22f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DB8C 29 B
89 B 56ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 82ms
27ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 08:16:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F015 86 KB
40 KB 36ms
36ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e1aeaf09ef1b611cdf60a20c17b08f6490c6c1d5aca5da6b6fd4f75a533fab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40760
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 116 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame F015 50 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 18:13:43 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/QapS58_46_U/ Frame F015 53 KB
53 KB 97ms
31ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QapS58_46_U/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53934
x-xss-protection: 0
server: sffe
etag: "1704401534"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 08:21:02 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 22ms
21ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=20663921&cs_fpcu=88e6f3f5ac09439ea6afd7262a827a22&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1704528962103&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: NXqiMlaYhapFYaJyQR2cXA8nv_84-ilC8DIB0YQFbIZ59WmsBZejyA==
x-cache: Miss from cloudfront

GET
H2

200

/
www.google.de/pagead/1p-conversion/1008543156/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
108 B

36ms
36ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=279987347.1704528962&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVVBWnZ4MjRCeVRUSmp3bTZsNE5sRl85QmVIeUs1Z05SYW5fUTFFVTJmeDNWakEtX0tIGldDaEFJZ0pIa3JBWVFfLXZZbE5MWTF2MFBFaTBBVDFEd1NyQm0xRmZ1Wm5XTnRCUTVJM0MyTXlUWERERHdPSWdRczJHUWNaU3dFRzkxNFJrejRYTXd6RHciEwiCkKSaqciDAxUgzTsCHUYXBiQ&is_vtc=1&ocp_id=QQyZZcLrOKCa78EPxq6YoAI&cid=CAQSKQAvHhf_ceoGRLAYSrrERDRdG0xVKk8bzZo_QrgfWqDY5-Ni6-OZB2fy&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8MxxqXHxXkJiYyjn5S2h2-Yqbsj_Pa14Pg&random=1375013316&ipr=y

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1008543156/?random=440983863&cv=11&fst=1704528961831&bg=ffffff&guid=ON&async=1&gtm=45He4130v71506129&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&label=3CIuCPmA3_sYELTL9OAD&hn=www.googleadservices.com&frm=0&tiba=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&value=0&auid=279987347.1704528962&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0pIa3JBWVEwYjNycDhyX3E0by1FaVVBWnZ4MjRCeVRUSmp3bTZsNE5sRl85QmVIeUs1Z05SYW5fUTFFVTJmeDNWakEtX0tIGldDaEFJZ0pIa3JBWVFfLXZZbE5MWTF2MFBFaTBBVDFEd1NyQm0xRmZ1Wm5XTnRCUTVJM0MyTXlUWERERHdPSWdRczJHUWNaU3dFRzkxNFJrejRYTXd6RHciEwiCkKSaqciDAxUgzTsCHUYXBiQ&is_vtc=1&ocp_id=QQyZZcLrOKCa78EPxq6YoAI&cid=CAQSKQAvHhf_ceoGRLAYSrrERDRdG0xVKk8bzZo_QrgfWqDY5-Ni6-OZB2fy&eitems=ChAIgJHkrAYQ_cuBsKO19_JTEh0AWMIr8MxxqXHxXkJiYyjn5S2h2-Yqbsj_Pa14Pg&random=1375013316&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 39ms
29ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 08:16:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 84C0 87 KB
40 KB 61ms
61ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a029e2549551bef98a5aa0b21c4bab1be59767ee01456219b4fc4ad5106552ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40989
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 116 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H2 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame 84C0 50 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 18:13:43 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/OsCp2pYT2_A/ Frame 84C0 19 KB
19 KB 88ms
64ms Image
image/webp 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/OsCp2pYT2_A/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19206
x-xss-protection: 0
server: sffe
etag: "1704316711"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 08:21:02 GMT

GET
DATA 200
OK truncated
/ Frame 84C0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 84C0 2 KB
2 KB 75ms
25ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 6075
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
DATA 200
OK truncated
/ Frame F015 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F015 3 KB
3 KB 64ms
23ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:18:26 GMT
x-content-type-options: nosniff
age: 3456
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 07:18:26 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 116 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame DB8C 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 18:13:43 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/2pR204OZkqw/ Frame DB8C 17 KB
17 KB 47ms
47ms Image
image/webp 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2pR204OZkqw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16990
x-xss-protection: 0
server: sffe
etag: "1703873332"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:16:02 GMT

GET
DATA 200
OK truncated
/ Frame DB8C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DB8C 2 KB
2 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 6075
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41498495-1&cid=715184042.1704528962&jid=1670248417&_u=YEBAAEAAAAAAACAAI~&z=48703169

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41498495-1&cid=715184042.1704528962&jid=1670248417&_u=YEBAAEAAAAAAACAAI~&z=48703169

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 50 B
867 B 125ms
33ms XHR
application/json 162.19.96.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 66

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 08:16:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F015 90 B
134 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

323969430e3f1e853bbc008cad4898ce6022f5367058d3c9d7c9f0a8ba7f405a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 p-b9c201a0.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 12 KB
6 KB 564ms
446ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4228a95f9d422888250bb0c0805b910108a2f8b7bf16ca46b614ac8e3048dea5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/web-components.esm.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-b9c201a0.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 310
etag: W/"12356-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:02 GMT

GET
H2 200 e8n0t8ubqm Show response
www.clarity.ms/tag/ 668 B
1 KB 208ms
111ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/e8n0t8ubqm
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5be4a626530d70eda6e7fa334a6e3d8711f348ed7959d709ba524040967950ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Sat, 06 Jan 2024 08:16:02 GMT
x-azure-ref: 20240106T081602Z-u1pmsrzpft1pbbn3hz2n52hw88000000042000000000n26e
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 668
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 p.gif
diariodonordeste.verdesmares.com.br/logger/ 43 B
731 B 1135ms
264ms Image
image/gif 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diariodonordeste.verdesmares.com.br/logger/p.gif?d=/2.16447/2.246

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains
x-cacheable: NO:Not-Cacheable
server: gocache
x-gocache-image: optimized
age: 0
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: MISS
content-type: image/gif
x-gocache-cachestatus: EXPIRED, EXPIRED
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Jan 2024 08:16:03 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 08:16:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 84C0 90 B
134 B 31ms
30ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b99c4abee0d173f31b7eb99958efccb2a9f97792fbccaaf6a2684dc3ce59c0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
46 KB 459ms
459ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=1&didk=3484108123&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962397&lmt=1704528962&adxs=250&adys=4464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=1189619270&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03d6f31f6ae34b7b0fbf7c43f6e29855b93337edf7daefe7ba846de4c7b971ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47400
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B57 6 KB
3 KB 109ms
30ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:02 GMT
expires: Sun, 05 Jan 2025 08:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 440ms
440ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=2&didk=2191766400&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962404&lmt=1704528962&adxs=250&adys=347&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1416x0&msz=1416x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=3090499511&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4afefd035ecb62737c44709bb0ebee6cb021b5f9173c7bef7325dff54e3cfd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12603
x-xss-protection: 0
google-lineitem-id: 6430281516
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138457937216
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
17 KB 675ms
675ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CMP1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=3&didk=3952535971&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962406&lmt=1704528962&adxs=1064&adys=2703&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=3950260776&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738f98721e6cfe08bdfe7f1076333ccf282e60bbf6638dae87deccfe5e1bd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17729
x-xss-protection: 0
google-lineitem-id: 6465798122
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460406334
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
13 KB 1002ms
1002ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CRET1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=4&didk=4285333354&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962408&lmt=1704528962&adxs=1064&adys=2415&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=3153593229&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b05225caa438d75d7bc06834688617e47252e74674a6925cec166ec10a86d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13657
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
18 KB 1570ms
1570ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CMP2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=5&didk=342283315&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962410&lmt=1704528962&adxs=1064&adys=6151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=4215569697&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9a9922d324a7b568b7229256b6a5ef0b474a72e5f7ed32f3663a915ba3bbab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17923
x-xss-protection: 0
google-lineitem-id: 6450471822
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460163305
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
14 KB 1824ms
1824ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CSLB2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=6&didk=1316692529&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962411&lmt=1704528962&adxs=250&adys=2327&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=117215079&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61c355fcbe0d9a8c86e4e05da4bd3fd1d24947ae69ca3f19793654949bd84dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14080
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
14 KB 1333ms
1332ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4346425991163586&correlator=4488370895547154&eid=31079956%2C31079963%2C31080116&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=1028625%2CRET2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=7&didk=1973987726&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1704528962413&lmt=1704528962&adxs=1064&adys=4632&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=715184042.1704528962&ga_sid=1704528962&ga_hid=249999724&ga_fc=true&dlt=1704528960877&idt=1268&prev_scp=test%3Dlazyload&adks=70853333&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e38036666bfe4a75be27a357445e727ef03e67e2e633442b095279e4dcbfb57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13850
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 172ms
164ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=13edff7565a874516ee84998a010%7C0&acc=82438&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8412843f5ca29067-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85597320549
https://sync2.navdmp.com/sync?prtid=2&id=85597320549&google_gid=CAESEFuYNKr8of-DL3CMu2Mv8lE&google_cver=1

6 B
57 B

174ms
166ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=85597320549&google_gid=CAESEFuYNKr8of-DL3CMu2Mv8lE&google_cver=1
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 841284403d399067-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=85597320549&google_gid=CAESEFuYNKr8of-DL3CMu2Mv8lE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=955c6599-0c42-4c00-9981-797155aa0da3

43 B
129 B

173ms
164ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=955c6599-0c42-4c00-9981-797155aa0da3
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 84128440fdbc9067-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Sat, 06 Jan 2024 08:16:02 GMT
Server: MT3 1237 600843f master iad iad-pixel-x20 config_version:"2224"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=955c6599-0c42-4c00-9981-797155aa0da3
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sat, 06 Jan 2024 08:16:01 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

27ms
26ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=842108531251252&ev=PageView&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&rl=&if=false&ts=1704528962441&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1704528962441.1078757894&ler=empty&it=1704528962003&coo=false&tm=1&rqm=GET

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 08:16:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 150
i.pravatar.cc/ 5 KB
6 KB 146ms
53ms Image
image/jpeg 2606:4700:3034::ac43:9a96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pravatar.cc/150?img=64
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9a96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2227f27555cfdda5ca407e3706a473660e40a64d3e026a961f24197066e55aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 04:09:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1509116
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fQdMksGBmR7AJIwv%2BXx31JebOG7Rk4Q8m9Y38JyJckh8TFjkWG1OPbHUN3TngZYz%2FlKfB7aeDiaur40D0v5CSK2GXqdspUIkEfIOk7gvSSlrYn9TkGEDX86mqq23418dgVaeN1S6kLAtSd7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8412843ffc0ef1ac-CDG
alt-svc: h3=":443"; ma=86400
content-length: 5188
expires: Mon, 11 Dec 2023 04:24:39 GMT

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 29ms
29ms Script
application/javascript 2606:4700:20::681a:1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 36be2c773789c1382b13900c0a0f5724.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
age: 6398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05VFO1%2BP0utXZiLFIaACyQL24N6E33C5iVrmgqHQnYr%2FhnMWrKmyJg%2FjQ43HzBQWpRM9o8nkjgj163R7ZY2aXxm615%2BitduRdl3UowYoy8acVoidH0plP55s9zLST24jXnbWE9cFJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8412843f7dde36e0-FRA
x-amz-cf-id: qqZXBk1llKp53L19-jC8l9uPaYyQ1W5tnFZw8Mr7EssroLrLlRVH2w==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F015 4 KB
2 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H2 200 24efd11c-063c-46de-9749-1636434fcb6c Show response
tags.premiumads.com.br/dfp/ 70 KB
24 KB 145ms
30ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2d6a8ad45eda12bcd8172fa4afcc406e7aef22de7f74ca01f0c6a70fabd8fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329299
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj: minify
last-modified: Tue, 02 Jan 2024 12:47:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdaTW3poFZr93Mqt%2BYv6KOjt4kRWmSDXQC0M6x87R4eVL4LrL%2B%2FFTEw5oGI48s6NrJL1jS63vvKBY6rbMlf0HaSyhhtDcMCcV1ZnycY3AWEjlcSAo%2BUfXPpqv2ZuX4OwCnajCZv9DAmZ6RFvwD0jEL6hCDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 841284403bd33a97-FRA

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 84C0 4 KB
2 KB 106ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DB8C 4 KB
2 KB 96ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F015 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yHmXrQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 QapS58_46_U Show response
www.youtube.com/embed/ Frame F015 93 KB
39 KB 88ms
88ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

474ab0bc28e77fb52b560cae9c6578f57f6de98e1fd5c75565fea0664a1f7b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F015 28 B
54 B 34ms
32ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704528962508
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHQkZFZjFFc2o5YyjBmOSsBjIKCgJERRIEEgAgLA%3D%3D
X-YouTube-Ad-Signals: dt=1704528961958&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKprqz3-_9wI_Pxv-mL5jAvoX33J1xV3FgFGU7y-1YldjVP0KICLQoLLe2XcXRJlfIVwyXhK1JApPp6J2Jg1-JlesdkdUg

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
519 B 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 84C0 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?R0qdcw
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame DB8C 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?u3_4Ag
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 52ms
52ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/e8n0t8ubqm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
last-modified: Wed, 03 Jan 2024 15:51:12 GMT
etag: W/"0x8DC0C73CFCC02AC"
vary: Accept-Encoding
x-azure-ref: 20240106T081602Z-u1pmsrzpft1pbbn3hz2n52hw88000000042000000000n26v
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 927452cc-301e-003f-37f1-3ee678000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame F015 0
0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame DB8C 50 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 216 KB
67 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 08:12:02 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 84C0 50 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame F015 0
0

POST log
play.google.com/ Frame F015 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame F015 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame F015 358 KB
46 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 52 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame F015 322 KB
96 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 2 MB
770 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F015 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F015 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 78ms
24ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:13:13 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 170
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: pUdrCjreMLbHjdw5ftttuJt7J-uf9nUbCBVHWZ6DBP7TntqhvW3lsw==

GET
H2 200 pbjs-min.js Show response
tags.premiumads.com.br/scripts/ 394 KB
119 KB 39ms
39ms Script
text/javascript 2606:4700:20::681a:e79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
strict-transport-security: max-age=2592000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 363160
x-powered-by: ASP.NET
request-context: appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified: Thu, 30 Nov 2023 13:32:58 GMT
server: cloudflare
etag: W/"1da2391bb43c69d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzpwbpEngeWUbAN3YcdFbBoE7YKvV0ZQa%2F%2BILmX914bBVhGCktjSZVJacBz%2FWqm8mOnlfzOz7XsQlF%2BnL3evPaHTgDQdDEXxXx9nkDiY2O2jACZ555XN7%2Bg6NiE15hD0H1K9I3hdC8LvpOovGjRehNjO010%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 841284408c043a97-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7324a3912412c94ac74cd9b3a3a9902c5953c8298beb942e6425ca3b881d52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b86bf552550270f53580eb9412958d8d3a18625b12bd5fca8fb3c95bbcf15f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81969
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 200 OsCp2pYT2_A Show response
www.youtube.com/embed/ Frame 84C0 93 KB
39 KB 80ms
80ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbc594233ff684799bd8a1df3ddcacc458b20cb4e5ed6485e830280ec7569a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 84C0 28 B
54 B 38ms
35ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704528962662
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwMHNBV3dvTkNMUSjBmOSsBjIKCgJERRIEEgAgXQ%3D%3D
X-YouTube-Ad-Signals: dt=1704528961956&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKrvaXNL8b2860iXUsId0Xsp8UjrJLoVUfGWEkh5Oi5jtrSU-gUv_3JjWxdP5PtX2HpsadQfawtcZCBQwzouHpjnJ5Gy5g

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H3 200 2pR204OZkqw Show response
www.youtube.com/embed/ Frame DB8C 94 KB
40 KB 73ms
72ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

947d9d271c25156cff95a51c2599e443394e75a0dacb8c9ef1d679661dcd5eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DB8C 28 B
54 B 37ms
34ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704528962665
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtVZkUzdFB5MzZSUSjBmOSsBjIKCgJERRIEEgAgLw%3D%3D
X-YouTube-Ad-Signals: dt=1704528961992&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKqZbWbmxXt9LSAabDS-x7i51att57toOgY2irwZzH5JNde7XCOxzLRzyA09B56U6nP9BaH7oUnJ0eTj7HsVmjp8RhWhWg

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:02 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 84C0 28 B
54 B 35ms
34ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704528962710
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwMHNBV3dvTkNMUSjBmOSsBjIKCgJERRIEEgAgXQ%3D%3D
X-YouTube-Ad-Signals: dt=1704528961956&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C391%2C220&vis=1&wgl=true&ca_type=image&bid=ANyPxKrvaXNL8b2860iXUsId0Xsp8UjrJLoVUfGWEkh5Oi5jtrSU-gUv_3JjWxdP5PtX2HpsadQfawtcZCBQwzouHpjnJ5Gy5g

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:02 GMT

GET
H2 200 / Show response
id.navegg.com/uid/ 16 B
303 B 650ms
546ms XHR
application/json 2606:4700:10::6814:e180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.navegg.com/uid/

Requested by

Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:e180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
vary: Accept
allow: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 84128441c9b692b4-FRA
access-control-allow-headers: *
content-length: 16
access-control-allow-method: GET

GET
H2 200 explore-more.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 21ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: OOh4HsR59TIhrSya6Xm.I0scTRIhPVyd
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:02 GMT
x-amz-request-id: Z0HFJ5S4BZV34WB9
age: 162454
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: HnopnK2Lseq0t7U+kJSt5Cw4OaU0n8dsxRkJ3nDowR+I04hGXuwYQ2iQQdoWm2Fd2PpfY0S/2e4=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:29 GMT
server: AmazonS3
x-timer: S1704528963.755479,VS0,VE0
etag: "a09e51c1496e0751b14b02309cd89e26"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 75151

GET
H2 200 feed-card-placeholder.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 21ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fMi2KLEulvb_uusjzoVCBQ4IFfzO1Ulw
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:02 GMT
x-amz-request-id: M57S5QXV1PXKNBKX
age: 162455
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: ggjGtwnj1WksZd82CjsC2OlYj84BWk5S+tBzDE5CScYqv90iHnaDESPly8ER+qLbIODyRfi/LQo=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:27 GMT
server: AmazonS3
x-timer: S1704528963.755565,VS0,VE0
etag: "4f50a068fa248996321f367dcf8c7f52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 151190

GET
H2 200 userx.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 20ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: gXOZGBIlMChbQZN6H7nE1LNB2AO93v3U
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:02 GMT
x-amz-request-id: F1ZD2VYC8QFH971Y
age: 162482
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: gx4ng7+bTsAm4ODLdQe3sI+AzSKHBAMrUNH90IQJaZNVMTTJ9oG0UduFtSy3T3jsv9r7vhnmOPY=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:01 GMT
server: AmazonS3
x-timer: S1704528963.764742,VS0,VE0
etag: "68f394774f9800b001f1f78014cbbc4d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35261

GET
H2 200 distance-from-article.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 21ms
20ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Qjywn6cL5rejK9hcls5CfyNwwPETx_4o
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:02 GMT
x-amz-request-id: A7D32QHR9ZV52T20
age: 162449
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: 2bB+XuiJm2PXVLITkoL2Y91LwGtlTENsoT/YOiRvkb1OkkGDql/3fRyTaYfvHLqbSaVl4ZJAUD0=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:34 GMT
server: AmazonS3
x-timer: S1704528963.765647,VS0,VE0
etag: "c5488a1b33b1d8b5475b133202fefc5b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 161883

GET
H2 200 article-detection.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: rtc13dlxVVo9rGRt2uFsgEX7ziYl68I4
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:02 GMT
x-amz-request-id: NAVHYEWK7F97QFN8
age: 162443
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: Q1TIy38Of8/Ub7Xy/mSpZbGkaz9ja6BvZnrLmWtJlt0wGjAyXfQ2Yxbt/ySYmJzeiHyyQAS9q9M=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:40 GMT
server: AmazonS3
x-timer: S1704528963.765743,VS0,VE0
etag: "d1831c6c3ea7334404ec31ce08af0eaa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 161836

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 80ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A16%3A02.745&id=8612&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 80ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704528962749%7D&tim=09%3A16%3A02.749&id=2304&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 67ms
34ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/social?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2Fimage%2Fcontentid%2Fpolicy%3A1.3065338%3A1616776792%2Fimage.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A16%3A02.806&id=8756&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
259 B 54ms
33ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk-metrics?tvi2=9516&tvi48=14791&tvi50=13315&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 47ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1704528962821%7D&tim=09%3A16%3A02.821&id=4916&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3416677%3A1703965... 30 KB
30 KB 112ms
111ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3416677%3A1703965628/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf6d2dfc4d43fa5bce8bd7597a4380ad828bf27903e32c5f7e1f43e43559569a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3416677%3A1703965628/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 170412
edge-cache-tag: 429515064029270435860067559428883448171,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 429515064029270435860067559428883448171,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1471
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 30262
x-request-id: dc657bc1f90246792b6b1a96ad039e29
x-served-by: cache-iad-kcgs7200083-IAD, cache-iad-kjyo7100024-IAD, cache-lga21931-LGA, cache-iad-kjyo7100156-IAD, cache-fra-etou8220038-FRA
last-modified: Sat, 30 Dec 2023 21:10:28 GMT
server: nginx
surrogate-reporting: width=945,height=472,bytes=31293,owidth=945,oheight=630,obytes=41501,ef=(1,13,17,23,30)
x-timer: S1704528963.839337,VS0,VE89
etag: "c4ba89cf6326d79744d5a32bbae7ccca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 2, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967... 55 KB
56 KB 2460ms
2459ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967108/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a4e0537b2ee2c41074f40d513b4e7f604664a7b416ec6aa5918cb951a510a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 2440
date: Sat, 06 Jan 2024 08:16:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461517%3A1703967108/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 559279
edge-cache-tag: 309079665126085207616900919020717571256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 309079665126085207616900919020717571256,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time: 2270
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 56472
x-request-id: 352e60cffa294f5fc071b2f03f0086eb
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kjyo7100175-IAD, cache-lga21978-LGA, cache-iad-kjyo7100152-IAD, cache-fra-etou8220038-FRA
last-modified: Sat, 30 Dec 2023 20:28:13 GMT
server: nginx
surrogate-reporting: width=504,height=252,bytes=23645,owidth=504,oheight=630,obytes=47263,ef=(1,13,17,23,30)
x-timer: S1704528963.839364,VS0,VE2440
etag: "9a458918241a0176bc86cb7052debdb2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042... 88 KB
89 KB 113ms
112ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2a2e8f514007dccaa32d4799f7e436a719695192d393fc2fc8dc3f9f7b4182f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461674%3A1704042006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 484588
edge-cache-tag: 568847774683264977179517097841069021626,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568847774683264977179517097841069021626,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 1759
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 90314
x-request-id: 3a4caa1a5b8d7b83b47cfc9cfe9e2eb5
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100114-IAD, cache-lax-kwhp1940056-LAX, cache-iad-kjyo7100175-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 31 Dec 2023 17:36:32 GMT
server: nginx
surrogate-reporting: width=1080,height=540,bytes=78898,owidth=1080,oheight=608,obytes=86465,ef=(1,13,17,23,30)
x-timer: S1704528963.839141,VS0,VE89
etag: "98a33c73dc136dae5585ee99c6772d01"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461742%3A1704049... 38 KB
39 KB 1041ms
1040ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461742%3A1704049455/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fa122b4c4091bbec3f072a7f918d4867b258fcd9dc45429205e08c760ac8a7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 1021
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461742%3A1704049455/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 478097
edge-cache-tag: 540640554941236515457731475573455368371,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 540640554941236515457731475573455368371,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 920
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 39212
x-request-id: d58b7d3f94da3a29175243fee8eafa9a
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kcgs7200083-IAD, cache-lga21945-LGA, cache-iad-kjyo7100131-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 31 Dec 2023 19:22:38 GMT
server: nginx
surrogate-reporting: width=776,height=388,bytes=32843,owidth=850,oheight=388,obytes=30891,ef=(1,13,17,23,30)
x-timer: S1704528963.839362,VS0,VE1021
etag: "a37aeb9952edf94e01f4d260dd55ee2e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 0, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/ 10 KB
11 KB 109ms
109ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1546d1c528bca357bc27a1bbc55f93af4ac4f4c38ebbc6633e3d49d00c8aac27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462789%3A1704323992/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 203601
edge-cache-tag: 482618186716721075037580651620958846959,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 482618186716721075037580651620958846959,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 882
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 10118
x-request-id: 340cbb44f9c1d58384529bf198ad0c17
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kjyo7100026-IAD, cache-lga21926-LGA, cache-iad-kcgs7200091-IAD, cache-fra-etou8220038-FRA
last-modified: Wed, 03 Jan 2024 23:38:42 GMT
server: nginx
surrogate-reporting: width=640,height=320,bytes=14485,owidth=640,oheight=360,obytes=15299,ef=(1,13,17,23,30)
x-timer: S1704528963.839141,VS0,VE89
etag: "c52b68ee43991ab3c480c49eecf97880"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 0

GET
H2 200 8061f39996a95946bc65c455817c6549.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 22ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8061f39996a95946bc65c455817c6549.jpg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c87ff6d9f193e16f8aad7a327ad0bd4d80c82d87f8f31113a453986c9e4a7f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8061f39996a95946bc65c455817c6549.jpg
age: 344324
edge-cache-tag: 409365345457401064480314170223247089344,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 409365345457401064480314170223247089344,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 175
req-referer: https://www.desired.de/
content-length: 21948
x-request-id: 6e278367b91b79c05adfee262a9096e2
x-served-by: cache-iad-kcgs7200063-IAD, cache-iad-kjyo7100030-IAD, cache-lax-kwhp1940099-LAX, cache-iad-kcgs7200141-IAD, cache-fra-etou8220038-FRA
last-modified: Mon, 01 Jan 2024 13:55:08 GMT
server: nginx
surrogate-reporting: width=1000,height=555,bytes=43329,owidth=1000,oheight=667,obytes=254314,ef=(1,13,17,23,30)
x-timer: S1704528963.883168,VS0,VE0
etag: "557a8e84294c2a2e1ec650659af67d72"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 10

GET
H2 200 bff26ca2043fcdad50b49c26827b5fea.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_983%2Cx_1%2Cy_53/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 22ms
21ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_983%2Cx_1%2Cy_53/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bff26ca2043fcdad50b49c26827b5fea.jpg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e03aca5c157d660d4cce27afff440611c207dea410e8501f2f6a7ad36f891241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 06 Jan 2024 08:16:02 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_983%2Cx_1%2Cy_53/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bff26ca2043fcdad50b49c26827b5fea.jpg
age: 142358
edge-cache-tag: 616897544298183328405967919086765376001,539150318780654318198328931150754690277,29ecf9b93bbf306179626feeda1fab70
cache-tag: 616897544298183328405967919086765376001,539150318780654318198328931150754690277,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1026
req-referer: https://ads.taboola.com/
content-length: 41142
x-request-id: 085826189b500b5e61a9e86b1c59cbc5
x-served-by: cache-iad-kcgs7200064-IAD, cache-iad-kiad7000162-IAD, cache-lax-kwhp1940110-LAX, cache-iad-kiad7000029-IAD, cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 16:43:25 GMT
server: nginx
surrogate-reporting: width=983,height=553,bytes=60246,owidth=984,oheight=656,obytes=125731,ef=(1,13,17,23,30)
x-timer: S1704528963.905516,VS0,VE1
etag: "ec23ae73d3c1e2bd1c4b0158379b1433"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461667%3A1704041518/ 12 KB
13 KB 108ms
107ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461667%3A1704041518/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 591a6f2249175b59c7898d013012dafab250364e89e9846da7b70a1279c1244f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461667%3A1704041518/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 484633
edge-cache-tag: 351478104879753503296361941982153452732,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 351478104879753503296361941982153452732,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 947
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 12332
x-request-id: 4ad12f636db711a3f184685ca34a0e27
x-served-by: cache-iad-kjyo7100026-IAD, cache-iad-kjyo7100151-IAD, cache-lax-kwhp1940062-LAX, cache-iad-kjyo7100056-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 31 Dec 2023 17:35:29 GMT
server: nginx
surrogate-reporting: width=945,height=525,bytes=37939,owidth=945,oheight=630,obytes=36353,ef=(1,13,17,23,30)
x-timer: S1704528963.929526,VS0,VE88
etag: "47657ae21ec01498e260e148caf79330"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 3, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463640%3A1704485758/ 16 KB
17 KB 109ms
106ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463640%3A1704485758/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 27cd9b0ab0ebb834262f420351769a6b90e9fed174f0ada73245c03cf22b7aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463640%3A1704485758/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 42348
edge-cache-tag: 294314663283871358115609815097900872957,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294314663283871358115609815097900872957,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1177
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 16292
x-request-id: b68e095a2f8e83e295d2de4d3416a24c
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kcgs7200107-IAD, cache-lax-kwhp1940028-LAX, cache-iad-kiad7000176-IAD, cache-fra-etou8220038-FRA
last-modified: Fri, 05 Jan 2024 20:30:16 GMT
server: nginx
surrogate-reporting: width=674,height=374,bytes=22545,owidth=674,oheight=450,obytes=25937,ef=(1,13,17,23,30)
x-timer: S1704528963.951757,VS0,VE87
etag: "fd4630dd46c4277c64b0d0537c27f10d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6, 4, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481976/ 25 KB
26 KB 135ms
135ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481976/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d6dd422c02b56568cfe8b681583564c82e9d66802172dd23b52223fe543f70f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 116
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3463609%3A1704481976/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 42511
edge-cache-tag: 380042026552857649204390250911301229803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380042026552857649204390250911301229803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 1111
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 25416
x-request-id: 039742b757eef1849ef6f07a00fe72ab
x-served-by: cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100102-IAD, cache-lax-kwhp1940043-LAX, cache-iad-kiad7000174-IAD, cache-fra-etou8220038-FRA
last-modified: Fri, 05 Jan 2024 20:22:48 GMT
server: nginx
surrogate-reporting: width=945,height=525,bytes=50858,owidth=945,oheight=630,obytes=61691,ef=(1,13,17,23,30)
x-timer: S1704528963.951881,VS0,VE116
etag: "a7e8d386b858d8cac824acb3c4dd043d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 3, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3062086%3A1639427171/ 16 KB
17 KB 1006ms
1006ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3062086%3A1639427171/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec9050b28fe42939ab4eac1e2fde40f4c2547eafbd2e90669471a5cbb2feb18e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 975
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3062086%3A1639427171/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 1581635
edge-cache-tag: 494272922349653889408451702879491129519,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 494272922349653889408451702879491129519,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 960
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 16356
x-request-id: 59933ac4c0e70cc1e6cfea7469c45d35
x-served-by: cache-iad-kiad7000111-IAD, cache-iad-kiad7000099-IAD, cache-iad-kcgs7200106-IAD, cache-fra-etou8220038-FRA
last-modified: Wed, 30 Aug 2023 01:59:58 GMT
server: nginx
surrogate-reporting: width=1120,height=622,bytes=28966,owidth=1120,oheight=630,obytes=32722
x-timer: S1704528963.957354,VS0,VE975
etag: "dd7b4e5ac8243b4e93f3f2f40936234e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/ 23 KB
24 KB 107ms
107ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bde4a2a274471e86a801fae3031412222af0fc76d3f2f54149cd0561088ebb8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461817%3A1704081373/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 441520
edge-cache-tag: 492692888391147378587719743465215153794,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492692888391147378587719743465215153794,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 1863
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 23678
x-request-id: 33a2bfab1a7f52f4e20120558d128551
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kcgs7200079-IAD, cache-lga21947-LGA, cache-iad-kiad7000043-IAD, cache-fra-etou8220038-FRA
last-modified: Mon, 01 Jan 2024 04:09:24 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=39424,owidth=320,oheight=189,obytes=9491,ef=(1,13,17,23,30)
x-timer: S1704528963.038138,VS0,VE88
etag: "a0347ff7c79bae563774023e7816948e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 0

GET
H2 200 20dc8f638604c80c05d5fffb4462adb0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
24 KB 19ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20dc8f638604c80c05d5fffb4462adb0.png
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f1f59c95dfcf2fd246bde25acbaf26931d91f51c3294440b449daef507f690b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/20dc8f638604c80c05d5fffb4462adb0.png
age: 1702685
edge-cache-tag: 492672002463436056379111913346820704329,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 492672002463436056379111913346820704329,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1097
req-referer: https://ads.taboola.com/
content-length: 24094
x-request-id: a7f801ce8fc1c64b2b69b596b95ff904
x-served-by: cache-iad-kjyo7100048-IAD, cache-iad-kcgs7200119-IAD, cache-lga21944-LGA, cache-iad-kiad7000061-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 17 Dec 2023 15:17:58 GMT
server: nginx
surrogate-reporting: width=1024,height=569,bytes=63705,owidth=1024,oheight=813,obytes=894103,ef=(1,13,17,23,30)
x-timer: S1704528963.059621,VS0,VE0
etag: "05f0614a5d664d342de5d74e2dd68c42"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 4

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6Y13KJ1H5Q&gtm=45je4130v9119074088&_p=1704528961635&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=715184042.1704528962&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704528962&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4337
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y13KJ1H5Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e45f87c2a182469dcec89bdc08616013.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 44 KB
45 KB 19ms
19ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e45f87c2a182469dcec89bdc08616013.png
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db12dca722591dcf03aec653276d07d75a3f01e6e113963a301847eec5e0666a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e45f87c2a182469dcec89bdc08616013.png
age: 1702685
edge-cache-tag: 328664003400482892081841506616339267746,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 328664003400482892081841506616339267746,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1329
req-referer: https://ads.taboola.com/
content-length: 44936
x-request-id: 540165a2f337cc365223058155ff975d
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100119-IAD, cache-lga21953-LGA, cache-iad-kjyo7100023-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 17 Dec 2023 15:17:59 GMT
server: nginx
surrogate-reporting: width=1024,height=568,bytes=91402,owidth=1024,oheight=694,obytes=1112644,ef=(1,13,17,23,30)
x-timer: S1704528963.080579,VS0,VE0
etag: "918e62f292c70c35d4542e219365bd1a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 4

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462418%3A1704240821/ 24 KB
25 KB 107ms
107ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462418%3A1704240821/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b14796bcc6e5018785ee17ce96f35ff83fc2de83014a3cf2b58c1959e9ceb03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3462418%3A1704240821/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 287219
edge-cache-tag: 479430697556124989532756341973015679209,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 479430697556124989532756341973015679209,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 975
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 24968
x-request-id: 06cd48732d67523120452906ff4c98d6
x-served-by: cache-iad-kiad7000089-IAD, cache-iad-kcgs7200039-IAD, cache-lga21969-LGA, cache-iad-kiad7000020-IAD, cache-fra-etou8220038-FRA
last-modified: Wed, 03 Jan 2024 00:22:05 GMT
server: nginx
surrogate-reporting: width=347,height=192,bytes=9224,owidth=347,oheight=630,obytes=41135,ef=(1,13,17,23,30)
x-timer: S1704528963.089347,VS0,VE88
etag: "146700dff3378eb6e0151bbc45d21c47"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 0

GET
H2 200 image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461597%3A1703985469/ 21 KB
21 KB 109ms
108ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461597%3A1703985469/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09c8b1f439673489e968bc76b00615e12d475455edb1f100f029a4f0432911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3461597%3A1703985469/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age: 542731
edge-cache-tag: 420645369432534874199751370266810835916,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420645369432534874199751370266810835916,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 1002
req-referer: https://diariodonordeste.verdesmares.com.br/
content-length: 21070
x-request-id: d53900b90cb0b0abe641250fc196a74d
x-served-by: cache-iad-kjyo7100068-IAD, cache-iad-kcgs7200081-IAD, cache-lax-kwhp1940061-LAX, cache-iad-kjyo7100047-IAD, cache-fra-etou8220038-FRA
last-modified: Sun, 31 Dec 2023 01:28:41 GMT
server: nginx
surrogate-reporting: width=945,height=525,bytes=26968,owidth=945,oheight=630,obytes=32173,ef=(1,13,17,23,30)
x-timer: S1704528963.102727,VS0,VE89
etag: "2f6afed0103486142633e0295e306cf3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 13, 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
315 B 640ms
271ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 08:16:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
840 B 98ms
29ms Script
application/javascript 18.165.183.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-39.zrh55.r.cloudfront.net
Software: CloudFront /
Resource Hash: b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:47:06 GMT
via: 1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH55-P1
age: 1736
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: dv_qPsbc7RDDsv3vdEUvPzHAqLHvElqORXcv81aKcp03bDE65LEASA==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
22ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 08:06:59 GMT
x-amz-cf-pop: FRA56-P6
age: 5218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 96qW7Cl58uICK11og0ebwFx7V4uD6uRankpxXXQztTPpeIUDML6T_A==

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F015 113 B
159 B 29ms
29ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52794d4496577500b1d2a45ad73fe7eaee33be207456558e177b226e942ae317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F015 29 B
89 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

POST atr
www.youtube.com/api/stats/ Frame DB8C 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame DB8C 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame DB8C 358 KB
46 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 52 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame DB8C 322 KB
96 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 2 MB
770 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
27ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 06 Jan 2024 08:16:02 GMT
expires: Sat, 06 Jan 2024 08:16:02 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST atr
www.youtube.com/api/stats/ Frame 84C0 0
0

POST log
play.google.com/ Frame 84C0 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 84C0 0
0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 84C0 358 KB
46 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:49:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 52 KB
16 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:25:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 84C0 322 KB
96 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Jan 2025 06:53:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 2 MB
770 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:58 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame F015 116 KB
33 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js Show response
www.google.com/js/th/ Frame F015 50 KB
19 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/8Hi5A8hOrTMN2tBLhmCcAO89l4B_aU1bigXouSWjw-4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f078b903c84ead330ddad04b86609c00ef3d97807f694d5b8a05e8b925a3c3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 10:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19796
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 10:13:55 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/QapS58_46_U/ Frame F015 53 KB
53 KB 24ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/QapS58_46_U/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53934
x-xss-protection: 0
server: sffe
etag: "1704401534"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 08:21:02 GMT

GET
DATA 200
OK truncated
/ Frame F015 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F015 3 KB
3 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/nrraxF0s2jKOl6isMlIEzUjbDvkobeirl6UJxK8DnYrLXDJUOOIAbjNlRx3YC7xz3X-zTjr0OA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:18:26 GMT
x-content-type-options: nosniff
age: 3457
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3157
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 07:18:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB8C 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB8C 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84C0 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 118147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84C0 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 388712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:41:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H2 200 spa-detector.20240104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 19ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20240104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: dH7KykjsDOtMF4968naM8YrCtA.6n8jh
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:03 GMT
x-amz-request-id: MVJ2BNQT5KRA585M
age: 162470
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: Cw2CEUdGekkJs7bkleLkcnmuTWJB6DPNiPWae3rEpUn16rXMHetjXt+oNWtNrv30V72AOMrS0kQ=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Thu, 04 Jan 2024 11:08:13 GMT
server: AmazonS3
x-timer: S1704528963.149171,VS0,VE0
etag: "3210ec7d0e68e288fb9d371bdb54a214"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 78281

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 33ms
32ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A16%3A03.139&id=2306&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 34ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A16%3A03.140&id=1496&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
230 B 30ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&tvi2=9516&tvi48=14791&tvi50=13315&lti=deflated&ri=a344a99cea3c5eea3dded8b0784982f2&sd=v2_2b5fd9074ac4fb74c868383a1c87e840_0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1_1704528961_1704528961_CNawjgYQ9aJBGO3C3-7NMSABKAEwODib4wlAh4oQSMLV4gNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&pi=/&wi=-1502375787747636427&pt=text&vi=1704528961901&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1704528963140%7D&tim=09%3A16%3A03.140&id=8020&llvl=2&cv=20240104-7-RELEASE&
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 p-dd84f628.entry.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 1 KB
1 KB 259ms
235ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

944bd35271d7242c6a221a4ed3820216677357b9f9189a329de05fb0462df330

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-b9c201a0.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 1042
etag: W/"1113-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B71 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDpk8VnGQxMwZUceduynTrPDVXeUvjY-0GZ4QmGmnCDoGCZBsZBccNOuTN1OYKBc-FSdCuXD7Ir5O96OJdCiOeN17Ggn2IK5wEPcXgMiTkcGujFPSutIgNNo8hLopQy5Gwvda6n4MaP8Fj_-pwgSWRzKEfocemKHmBVkH2Lfj1WjqRQwmXWTEXMkoQ9Av3i0AizGlx37ImsfBsn_1449kprDEOKVWGUUuq7ik1AOYV0-xIbZjb91Izkiff9UUwSssdvopjCtvlcgIda9DXF-4BoAJKJoCHtTkfaTKpm7QnY9YmtjbVjsBrgCTH1UO8TeIEyzjKXEn1V9qKuWldINQCufYNW3_kSLeN-D6veDeTvQkVYBZxTHk&sai=AMfl-YRRpNuxh1FwA_LVSsVAN9g93g2ecRHWuaQiLSKY_thCMoeQOOAwMs3Z8zqIgSEftL8ZzUcei6w9QuyuG-P66kynGs22wBlI8-RujOepo6n-eK_WIlg5IxsfrUun2A&sig=Cg0ArKJSzH8X5W4Qx_eSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 508cfab9631f5b501a9991a62d93b669.js Show response
scripts.cleverwebserver.com/ 133 KB
48 KB 126ms
45ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/508cfab9631f5b501a9991a62d93b669.js
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b4f3c1adc28a7630fdffd0fc14f9549a88989802f39105316de71aff81b2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-amz-version-id: raIvHZ71nRsrgRsAdYsxjn9PQplprICh
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 14:40:32 GMT
server: cloudflare
x-amz-request-id: 557BWS3WVGY0B1PN
age: 753
etag: W/"c1e2e8b2ade09583a4f45ea85c6ad165"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 841284447d26bba4-FRA
x-amz-id-2: CZKM3qZg6dWiqSIaGzG7pTkoBp4+MqgyTxp8vVKd6Qoq1EzdiwG4k9uBzpSxB+Z3l2Rn2AHgS6Q=
expires: Sat, 06 Jan 2024 08:46:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B71 204 KB
65 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 08:16:03 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
259 B 32ms
32ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk-metrics?tvi2=9516&tvi48=14791&tvi50=13315&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CB3 0
0 59ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupxyD7aHam7ywsKncJQePlhSRqJcysEgoNtVduFHo4FiazOKlTAzdvaxHeV1YMcMk0xIEDHT1YBejXDvWlv4fFKpMp_KkEteCQkSwyk6pMUwdo5BakIOedoZJZcnOw1HuTJs4O_UgbjjbGInqda-yGYK6TKjWx-_ttis-ij_XWbzvFi1KQCuV0g80J3L1BOldkk2lWlUZ0yfddQnrZWpf7sYiqDEryOoR0tpK40y0lYHUp1y-DqW14cgCWOE7vrFVOV7nXNimCrLLPk2t-3fWq2Om7wwbITeqp7A-224bkmiF3P3Ik-Kr37EAliGxwLiQqOFGEtYcjS2V0jK2ZV2_Z_GNMyZjYSeheac_EEGyjT6XCGtt_Yirl91ocZg&sai=AMfl-YQ0PSIBTHoJrHtLICq1YbCuCrbOdls7rYnIDMDFDxjKblpO1Z4Gc7rrYeGp0PMzPQXERucWGT2dwcnUQsCEFSATpqs6zxxjyE-gFUg_eT0iBPNGNXdWUSCo37NIEOY&sig=Cg0ArKJSzN0sRL-yjS-CEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3CB3 3 KB
2 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 15:03:37 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CB3 204 KB
64 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H2 200 15860992148454504511
tpc.googlesyndication.com/simgad/ Frame 3CB3 69 KB
70 KB 70ms
22ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15860992148454504511

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae6bacc33833f659a37e0f9a605a369d06a7dd9a40bb895405171e02bc150d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sun, 05 Jan 2025 03:13:09 GMT
date: Sat, 06 Jan 2024 03:13:09 GMT
x-content-type-options: nosniff
age: 18174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71014
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 20:50:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F015 4 KB
2 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
DATA 200
OK truncated
/ Frame 3CB3 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51a3bdfb4d0c7de637f694676ccf95ee47e81fe5c4907d93fdb4405bb1930919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame DB8C 113 B
159 B 27ms
27ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d69787cb939711d66eddfb1ce5f10db7f67feff5ea4e300e919580f94dcc4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DB8C 29 B
54 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F015 0
11 B 19ms
19ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?20GgKA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/QapS58_46_U?si=w1b-prLAbEWh-qaE&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 84C0 113 B
159 B 27ms
27ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5b8d43afdab0ae0abc8a5d1baa45590ead685e1437c760848e677c2c7ae6880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 84C0 29 B
54 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:06:11 GMT
x-content-type-options: nosniff
age: 592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 08:21:11 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DB8C 116 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame DB8C 50 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 18:13:43 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/2pR204OZkqw/ Frame DB8C 17 KB
17 KB 22ms
22ms Image
image/webp 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2pR204OZkqw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16990
x-xss-protection: 0
server: sffe
etag: "1703873332"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 10:16:02 GMT

GET
DATA 200
OK truncated
/ Frame 2B71 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a85e9e21d0b556bf5358ac053cdc503875322e2c23c28e51247889e77529a06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2B71 0
0 108ms
65ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGOm7o1jJab_HaAMhic40ijHMThOEMhx727A4v3wk3PmOsbgY5G3St8Sx0SCN7uhW9XFu1JvCTIqW2lU3YHNHkX3AP8Fquw0P4iHJYWe5zWsDS_IAbeasCVBnojFPpu9MzDKhHSSFNAh3Ocvrs0sf-DXSg7VSiWEWXy8D2HdrKs59GTZU3DI3gq5rWijBOkzIo9hme3d3_IMB2JdQDnFzNxDJqk4I0d-EotLZzQfLcLpK5xdLo8jZg4KiNr-dYtSfj_UgxwadCHXH40t3b6GSHVqS-yoO-2zCTRc30lmhWZaPVKU2E-7fP7GSN7nbWexRRi8x5y6GSlhw5gpXLnQ7lauRDlKpz5__chD4&sai=AMfl-YR2aOFpfPEa7X98HX3hfbgGcrsuaCoOrjETZgWBgEaYjEt-yjUAsri11knO-dqIwrWFMss_JkO6J1pWUYLz7zsjgkcCJnYaj4e7oxNCHsf9jOvp1U3YUIj8-iQEUA&sig=Cg0ArKJSzKH6HUs7Ww_SEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
DATA 200
OK truncated
/ Frame DB8C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DB8C 2 KB
2 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 6076
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 84C0 116 KB
33 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:24:59 GMT

GET
H3 200 1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js Show response
www.google.com/js/th/ Frame 84C0 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1xEiQfu-UCiwbMaFnr-G2Uzcd5udG06umsh6raawdbQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 223340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19870
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 18:13:43 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/OsCp2pYT2_A/ Frame 84C0 19 KB
19 KB 21ms
21ms Image
image/webp 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/OsCp2pYT2_A/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:02 GMT
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19206
x-xss-protection: 0
server: sffe
etag: "1704316711"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 06 Jan 2024 08:21:02 GMT

GET
DATA 200
OK truncated
/ Frame 84C0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 84C0 2 KB
2 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/u7eliXWL0OkdVRYpKJ1VkLAmDmYrBM3D1GuUM8-FEXi9sfs71fn4QMjS-meZukm2Uquh1KfR=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:47 GMT
x-content-type-options: nosniff
age: 6076
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:34:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CB3 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGWl6RavH63gVqC9tANd56O6Av1aa9ah7Ge8wCSWqrdzHbZw2Dr06aml7tAYkqsu0drTn5P96_oUX824YxRnhsDM_tG9WW0v2laUmE_BeT_1veI0b7bqquHD0_7pfT9NdDoryChExOKyOKj9s70oqsJJo1XKxyeihTZcFteGqxfvSAr0e6XFcxp7rOgWAMB63xd61oKdV-WGpGbXCQc9y-GmX4xRAqLBGYa_Lnh9ImW8PZsDxBSh9pY_rmiU2LRWlBlVvOetedQAswmtfz-iE2tL7jcYtz9gBRW9CiA9Rm6xrtiOofAIm8aJ4V2RlAkOGsBdMf_MPdm0GKCBiN6yoShna42L0dCjv-IItJi2sjqYJsKlRbUHHlrOol7n7k&sai=AMfl-YR37zGZlUjCoS9IV9KgZGlzA-cRFWwiEmdCMf4qG9vw11ocvlgwxaOaf4thc4o572TIULG1fc-bS_SU5p_bppXFEu_vJb3YGcyEx8fODbYroZtTV5ovBN6FpDDuIgM&sig=Cg0ArKJSzG0xw-wHTa9YEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame F015 50 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 157 B
380 B 63ms
53ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f02fab244f6c8296bff99cb139dfdff18db5028dd5ace4512b5bb912bc8840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 84128445be16bba4-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 p-06ec9229.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 1 KB
1 KB 235ms
235ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-06ec9229.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f503828aae308bbda421228d89fff3f9f7f4580f27faaf02c774ce73f9e066f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-06ec9229.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 2794
etag: W/"1110-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 p-ddd39b27.js Show response
diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/ 20 KB
7 KB 238ms
238ms Script
text/javascript 170.82.174.15
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-ddd39b27.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

76308542c656df00ba56ff7626a63a3161e8c42877ad873fa50844d25f77db50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/apps/morpheus/web-components/dist/web-components/p-dd84f628.entry.js
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
x-cache-rule: YES with ttl: 3600.000 /apps/morpheus/web-components/dist/web-components/p-ddd39b27.js
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 05 Oct 2023 00:07:34 GMT
server: gocache
content-security-policy: frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age: 679
etag: W/"20496-1696464454000"
x-frame-options: SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache: HIT
content-type: text/javascript
x-gocache-cachestatus: HIT
cache-control: max-age=1296000
expires: Sun, 21 Jan 2024 08:16:03 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 6688 196 KB
55 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jan 2024 20:28:35 GMT
age: 128848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Jan 2025 20:28:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6688 15 KB
5 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 17:21:05 GMT
age: 399298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6688 95 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 16:37:47 GMT
age: 401896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6688 5 KB
2 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 13:56:42 GMT
age: 411561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6688 40 KB
13 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 15:53:13 GMT
age: 58970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 15:53:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6688 6 KB
779 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:42:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6688 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:34:10 GMT
x-content-type-options: nosniff
server: cafe
age: 13313
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Jan 2024 04:34:10 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6688 344 B
466 B 20ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 37647
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 06 Jan 2024 21:48:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6688 0
0 28ms
28ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4Hd4QowkIo9tkU8tVIT7jsBVW6aTiwVPx-_glvOZyyszRXVaIoKCjxoK0u-4rHH-XEWJobAvOac7GOn2rRLsMwg-cHg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/17261481928543937071/ Frame 6688 42 KB
42 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17261481928543937071/2076313506083323656

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db92cec9cc96bb3412ebac3977db98309917f92e36ba3fcf65588b371e25831b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 21:02:25 GMT
date: Fri, 05 Jan 2024 21:02:25 GMT
x-content-type-options: nosniff
age: 40418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42958
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 08:05:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6688 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 674fa3622bd3708539a20b20cdbaa19ad64a1f24cf1fbc2c974fa1f96a9a6bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6688 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfca5f26c17a4b7be4d3b51e041523ef3e6ff6156bbea73c05acafbea83e95d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DB8C 4 KB
2 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 84C0 4 KB
2 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:03 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame DB8C 0
11 B 24ms
19ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XNksrQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/2pR204OZkqw?si=MfC7IcYJXjf9K59Z&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 84C0 0
11 B 20ms
20ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?O67Jkg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/OsCp2pYT2_A?si=09UN79M8_DXx4Usz&enablejsapi=1&origin=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6688 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 56202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6688 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 375252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:01:51 GMT

GET
H2

200

widescreen.html Show response
lp.cleverwebserver.com/betano/de/sports/sports_de/ Frame 3250
Redirect Chain

https://sender.cleverwebserver.com/group/49109?id=798620&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=466705229&tok=33419711310201791433&t=1704528963&cmpId=&fb=0&wl=1&...
https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNT...

2 KB
890 B

130ms
121ms

Document
text/html

2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b053bdbcb7f497d520c922dee59436cee21b900fb33a5b1392b24e5fae21b49c

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=28800
cf-cache-status: MISS
cf-ray: 84128446ef01bba4-FRA
content-encoding: br
content-type: text/html
date: Sat, 06 Jan 2024 08:16:03 GMT
expires: Sat, 06 Jan 2024 16:16:03 GMT
last-modified: Fri, 05 Jan 2024 16:16:02 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: 0Q5B7nYLJMVfRB5UooVBM9rGnfIZ3KYAyc8752jZ1AJMp3lmPcBgMKQDrq0/Sya3FLylAqOZoco=
x-amz-request-id: SEXSPZQBQQFF7B6R

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 841284468ec4bba4-FRA
content-type: text/html
date: Sat, 06 Jan 2024 08:16:03 GMT
location: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 655 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame DB8C 50 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 84C0 50 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 02:27:50 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 63ms
54ms Image
image/gif 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=49109&c=DE&r=&l=127&b=Chrome&os=Win10&mob=0&v=1.60.17&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84128446beddbba4-FRA
content-length: 43
content-type: image/gif

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6688 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:34:10 GMT
x-content-type-options: nosniff
server: cafe
age: 13313
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Jan 2024 04:34:10 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6688 344 B
368 B 20ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 37647
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 06 Jan 2024 21:48:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6688 0
0 64ms
64ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgafiQwyZZZ3pA9CK7_UPtrGPwAruwbCiboH9sZCAEdzZHhABIN3Wrh5glYKAgJQHoAHy-MvQAsgBCakCEw_QOdxbsj7gAgCoAwHIAwqqBNcCT9BlbLGef1gLRfStKdjncleJpo3zJ5Rf263RTw3JWj0UGCJpS9O1-FBxCNzNbuaTjbvOe9L1ZUDzCTvOuKXWVzHcWJsRNQbR7u9wSE3AAt7oRQNt0zFqWY1XfVVhKOPFbWCWYQnuEmQNNVu8L2uYDGgpDGXNbPlV0kKLq2HHbyjMV7-jGGQKe5lAnOujqJ9tVBPG9e9wdGtQXjUuqIiqPBTeY7sWiQdDWThQCkIlNN-_Ol9F_zxoWfQFZbfoA_cxPw46dzWMszJYvlzolrginfgziXYhwrhet3Rlix8f5Qe8QpxQ8viwpgR_Gkt3I5AktKQ6Qp2ZmXL6WpYBcqGlu2e5uw4DpU2N9QnO6fcYA2D9n5CEVV3pJuvI71D4pCAWPOHAhP8CJVIOv5PXETJqs-8eu2KjAAxoRFKzjYCTXgOMwf2Bl2xKO6e2IrvNPdrpadhsVOF_48AE9-ueoZsE4AQBiAXXqKnVR5IFBAgEGAGSBQQIBRgEoAYugAf2hrSvAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELfcDtIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYlrLCmqnIgwOaCSVodHRwczovL3d3dy5taWtlLWJlcmdtYW5uLWFrYWRlbWllLmRlgAoDyAsBogwIKgYKBLu7sQLiDRMIy-PCmqnIgwMVUMW7CB222AOouBPkA9gTDYgUBdAVAYAXAbIXHgocCAASFHB1Yi05MDQ1ODA3MDQyNjA0MDUzGOGeB7IYBRguIgEA&sigh=EtWoMGLjdXQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_nL2AF00fc8uyn-VH1kqWgHOmOPG4gXRhtEDUTx7Aj8jusO9o0njwzVHKFiYjh8UYkUvrskSuwBgB&template_id=484&cbvp=2
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 bg-1490x300.webp
lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/ Frame 3250 40 KB
40 KB 45ms
45ms Image
binary/octet-stream 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/imgs/bg-1490x300.webp?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Dec 2023 15:38:45 GMT
server: cloudflare
x-amz-request-id: 5WDRK5PX9R1HHDHH
age: 390
etag: "36d580ed1582db1c3722787924fc00d3"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 84128447bf80bba4-FRA
content-length: 41072
x-amz-id-2: cMCNFGZ0HfUPSsmvt7suAlqh+8dLRIu2roEbG9V0R28nImKkIAabqC0ak3/QEdBmQebaduMoqXo=
expires: Sat, 06 Jan 2024 16:16:03 GMT

GET
H2 200 rocket-loader.min.js Show response
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 3250 12 KB
4 KB 35ms
35ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 84128447bf83bba4-FRA
expires: Mon, 08 Jan 2024 08:16:03 GMT

POST
H2 204 bulk Show response
trc.taboola.com/diariodonordeste-diariodonordeste/log/3/ 0
338 B 31ms
31ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk?tvi2=9516&tvi48=14791&tvi50=13315&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
date: Sat, 06 Jan 2024 08:16:03 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7511
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220038-FRA
pragma: no-cache
server: nginx
x-timer: S1704528964.829242,VS0,VE12
content-type: image/gif
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 clever-core-other.js Show response
lp.cleverwebserver.com/ Frame 3250 1 KB
844 B 46ms
46ms Script
text/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33
Requested by: Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cleverwebserver.com/betano/de/sports/sports_de/widescreen.html??id=798620&group=49109&tracker=aHR0cHM6Ly9nbWwtZ3JwLmNvbS9DLmFzaHg%2FYnRhZz1hXzExNTJiXzI5MzFjXyZhZmZpZD00MzEmc2l0ZWlkPTExNTImYWRpZD0yOTMxJmM9Q0FBQlhOTVNMQURBQURF&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&r=466705229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7VRZYXWQK13NXNP1
age: 73
cf-polished: origSize=1799
x-amz-id-2: BIJwvXBjlo5WX47NP/4Hbb7sS4A9mfBHPFCCv71kZuv0jgYsS3+c3nHzbEt8kd6DuRFgBkgeRpU=
cf-bgj: minify
last-modified: Mon, 18 Dec 2023 15:38:56 GMT
server: cloudflare
etag: W/"e5be82211892c5a612ab8274562f1ef2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=28800
cf-ray: 84128447ffa6bba4-FRA
expires: Sat, 06 Jan 2024 16:16:03 GMT

GET
H2

200

index.html Show response
promos.betano.de/willkommenspaket/ Frame 2885
Redirect Chain

https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE
https://gml-grp.com/C.ashx?btag=a_1152b_2931c_&affid=431&siteid=1152&adid=2931&c=CAABXNMSLADAADE&AutoR=1
https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

12 KB
4 KB

148ms
80ms

Document
text/html

2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Requested by

Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/clever-core-other.js?v=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee44f8ba15e607e839769cecf095bbad4b1984b8ed10bc5d00ff1c2044011e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 33659
cache-control: public, max-age=900, immutable
cf-cache-status: DYNAMIC
cf-ray: 84128449ca9c1ad4-FRA
content-encoding: gzip
content-md5: uFN4f36vMGzzhOrcv8TbsA==
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 08:16:04 GMT
last-modified: Wed, 22 Nov 2023 09:55:40 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: bd2cf6b1-301e-0078-4830-24b1fa000000
x-ms-version: 2014-02-14

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 84128448f90737f1-FRA
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 08:16:04 GMT
location: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrsRwody9dStXSIM2HOJLcsA%2B2vut1pH0hO8NH5cMcYXfdjdOboiCcPCkBDPvRBTo6iCT0WOeUIOzsnII3kxIsAYpe%2FVznlNmqKZIdncj3%2BK2sZvrwkUMWYcBVJyd0Old0AENrXJi50GFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
315 B 124ms
124ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 08:16:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 r4JQVZETZTeQtnzawJh5s2Wbw6I.js Show response
promos.betano.de/cdn-cgi/apps/head/ Frame 2885 4 KB
2 KB 47ms
45ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/apps/head/r4JQVZETZTeQtnzawJh5s2Wbw6I.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-version-id: 3sraLaHyO3PY1q7UPyU188EJJRO793MA
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 08XC70AHJ9SA0ZR3
age: 63
content-length: 1344
x-amz-id-2: JARoRmKcwGU0MuNTjovf32N9faUoZCfb3QMoOLOrqqJymWDj35ojMvx1dxBRWHKFsuXsvUZ2HSM=
last-modified: Thu, 21 Dec 2023 12:52:13 GMT
server: cloudflare
etag: "30cf280ac36d10da9b831b91729cc23c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8412844a4b1c1ad4-FRA
expires: Sun, 05 Jan 2025 08:16:04 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 2885 86 KB
30 KB 22ms
20ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9726764
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-etou8220086-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704528964.209230,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 24736

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ Frame 2885 42 KB
11 KB 30ms
28ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5017316
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDA8QzHb%2FvzSDsGpwqUM0yNdszMpXN2%2B4Mh9sXFVtssMhROkfDW%2FHo4F%2BCTcIeiPSQ4FlQTSIQIuYpg7mZ%2B%2FaLpbvQYmriROsquAHWywzQqO9Kp9MXO2TVwQzycLqTr2tABsBVzg%2Fl3qMV8%2BVjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8412844a49ce39ce-FRA

GET
H2 200 Init.js Show response
promos.betano.de/willkommenspaket/ Frame 2885 2 KB
877 B 50ms
49ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Init.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 132
content-md5: MU2fLrkr53Ix09vSPFEwZA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FE1A984"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7713a2d6-e01e-0054-3b2e-1d5d55000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8412844a4b1d1ad4-FRA
expires: Sat, 06 Jan 2024 08:31:04 GMT

GET
H2 200 Landing.js Show response
promos.betano.de/willkommenspaket/ Frame 2885 614 B
443 B 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Landing.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 132
content-md5: IVOxqm2c5AfGSPYura3A9A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FED1990"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1712304a-701e-0069-5d2e-1d2b4e000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8412844a4b1f1ad4-FRA
expires: Sat, 06 Jan 2024 08:31:04 GMT

GET
H2 200 custom.js Show response
promos.betano.de/ Frame 2885 8 KB
3 KB 75ms
74ms Script
application/javascript 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/custom.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 315
content-md5: IACfhqsuxFK5etAGqh7MRA==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 20 Oct 2023 08:33:32 GMT
server: cloudflare
etag: W/"0x8DBD1473EA630C7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3b1a4872-201e-0006-1641-2321bd000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844a4b211ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H2 200 tagline.png
promos.betano.de/willkommenspaket/ Frame 2885 219 KB
220 KB 53ms
53ms Image
image/png 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/tagline.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2k9YU1t/lIEgNgYbwdE88A==
age: 277
content-length: 224661
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: "0x8DBEB412FFF665B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 1ac6895e-c01e-0021-55b2-213679000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844a4b221ad4-FRA
expires: Sat, 06 Jan 2024 08:31:04 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 74ms
73ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed13c4e75b93119acf64bd85bd8d95c456de931ae3b6314ae6cef324e386d186

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 108
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: e7f09ab1-601e-004a-2678-40b18d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844a4b251ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H2 404 bullet.svg
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 48ms
48ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/bullet.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d902496edd78890a7f6220c67568768e462dd2c0865d8adbc70506e07f68a3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 45
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 5fff9c61-001e-0011-1f78-4088b6000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844adb921ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H2 404 banner1.png
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 42ms
41ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner1.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86565c8aed1f7bbc5c896bfa99b332bd5b57e2e797ed54e2099de7931a0857d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 37
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 4c2cad86-f01e-0005-4578-40c0d9000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844adb9b1ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H2 404 banner2.png
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 49ms
48ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner2.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2d1f586c76a89dbc20290f84eba625d8c271e2e516479630ecdc019c9f70f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 37
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: d5132e12-c01e-0053-5b78-403136000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844adb9c1ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H2 404 banner3.png
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 53ms
52ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/banner3.png

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3266fa4ea51a7c0a7688f790e22a224b08de0fab8d273b5abb34bec1fea915a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 37
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: a8c33b86-f01e-003a-7178-40087a000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844adb9d1ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame BD0D 196 KB
55 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jan 2024 20:28:35 GMT
age: 128849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Jan 2025 20:28:35 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BD0D 15 KB
5 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 17:21:05 GMT
age: 399299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 17:21:05 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BD0D 95 KB
28 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 16:37:47 GMT
age: 401897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 16:37:47 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BD0D 5 KB
2 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 13:56:42 GMT
age: 411562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 13:56:42 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BD0D 40 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 15:53:13 GMT
age: 58971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 15:53:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD0D 6 KB
706 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 07:44:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 08:16:04 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD0D 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:34:10 GMT
x-content-type-options: nosniff
server: cafe
age: 13314
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Sun, 07 Jan 2024 04:34:10 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BD0D 344 B
368 B 25ms
25ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 37648
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 06 Jan 2024 21:48:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD0D 0
0 28ms
28ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQNHhCsK-gJG6QYIfSuIid2kBQoIN9wX_DLbHpL2p3J-9jk02zM7g8v9w--Ba7NL4s3a1GPEpYG-KZ4MNb-r0nCRumtA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BD0D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2db20c3c3c0373d7adc848738eff9bd98b7bbf0974f5a1ad18f2ad08d5de7220

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2885 397 KB
115 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aafda1ab2eb5f07a0b3b47fabf74b8f3b889ad07cfbcf82e626dc5f5aed23624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118180
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 08:16:04 GMT

GET
H2 200 tags.js Show response
dd.betano.de/ Frame 2885 147 KB
27 KB 130ms
24ms Script
text/javascript 52.222.236.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.betano.de/tags.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-114.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 08:10:44 GMT
x-amz-cf-pop: FRA56-P4
age: 400
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: qz506Y5_3gH-VNBfT-ioUAuAaRQjrCYLws3eR4xIQELe3pAFXOeVIA==
expires: Sat, 06 Jan 2024 09:09:24 GMT

GET
H2 404 Rectangle.svg
promos.betano.de/willkommenspaket/ Frame 2885 215 B
215 B 51ms
51ms Image
application/xml 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.de/willkommenspaket/Rectangle.svg

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed13c4e75b93119acf64bd85bd8d95c456de931ae3b6314ae6cef324e386d186

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 108
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: e7f09ab1-601e-004a-2678-40b18d000000
cache-control: public, max-age=300
x-ms-version: 2014-02-14
cf-ray: 8412844adb9e1ad4-FRA
expires: Sat, 06 Jan 2024 08:21:04 GMT

GET
H3 200 ns.html Show response
www.googletagmanager.com/ Frame 6C76 691 B
344 B 42ms
42ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

322324fa010151740be0838f03098bfd56110282a027889ef8a8edd6541de27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 322
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2

200

main.js Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 7F8B
Redirect Chain

https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

27ms
26ms

Script
application/javascript

2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a0f6c6022203c46e4dfded06a6bc3ca64b895839d39062351649dd97a2ad8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8412844b1bc41ad4-FRA

Redirect headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8412844aeba71ad4-FRA

GET
H2 200 css-betano.css
landingpages.kaizengaming.com/layout/ Frame 2885 266 B
562 B 108ms
54ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VV0mNMQdoST1edPAjk1m6w==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1339F5D"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0d82a399-c01e-0031-3085-22f311000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844b4d051a6d-FRA

GET
H2 200 css-theme.css
landingpages.kaizengaming.com/de-sport/ Frame 2885 799 B
778 B 106ms
52ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/css-theme.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kJMidRkqsO72r6TQLkoSKQ==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: W/"0x8DC0D357C9A7985"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a024c7cb-401e-002f-551f-3f1fc9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844b4d041a6d-FRA

GET
H2 200 css-betano_worldcup.css
landingpages.kaizengaming.com/layout/ Frame 2885 3 KB
1 KB 105ms
51ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_worldcup.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: k3d6Yiaa8bmwIFFDC1yKKQ==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1452901"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b930bf0d-a01e-0045-37a7-3cc7e1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844b4d011a6d-FRA

GET
H2 200 css-iframe.css
landingpages.kaizengaming.com/layout/ Frame 2885 2 KB
900 B 109ms
55ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-iframe.css
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 39E7RXrp/bQVuYTQHPOHVg==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D385763B"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1799abcd-201e-0016-79f2-12e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844b4d061a6d-FRA

GET
H2 200 Theme.css
promos.betano.de/willkommenspaket/ Frame 2885 4 KB
1 KB 43ms
41ms Stylesheet
text/css 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/willkommenspaket/Theme.css

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 132
content-md5: iEQB/4Da+za49y9++eEi0A==
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 09:55:41 GMT
server: cloudflare
etag: W/"0x8DBEB412FC9DF39"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 94cf8a15-301e-0057-012e-1dbc31000000
cache-control: public, max-age=900
x-ms-version: 2014-02-14
cf-ray: 8412844aebaa1ad4-FRA
expires: Sat, 06 Jan 2024 08:31:04 GMT

GET
H2 200 common.js Show response
landingpages.kaizengaming.com/layout/ Frame 2885 7 KB
2 KB 105ms
53ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/common.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Tt1r+v6iV6U4snwCJhK1bQ==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:08 GMT
server: cloudflare
etag: W/"0x8DBA4A5D12AEE0B"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6715cd4f-701e-001b-2e9b-132c01000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844b4d071a6d-FRA

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BD0D 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 398279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:38:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BD0D 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://diariodonordeste.verdesmares.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 112730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BD0D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

33ms
33ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Jan 2024 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/763238947/ Frame 6C76
Redirect Chain

https://www.googleadservices.com/pagead/conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&ocp_id=RAyZZfWZFvbJ78EPioGniAc&rando...
https://www.google.com/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7...
https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7A...

42 B
64 B

50ms
50ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7Ah2KwAlx&is_vtc=1&ocp_id=RAyZZfWZFvbJ78EPioGniAc&cid=CAQSKQAvHhf_2MmWAY00EEdSBjyqteAAU4Xunyjr9AisFAvhxyLG3FDb-fbo&random=805159610&ipr=y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-MN2KPC6

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.googletagmanager.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/763238947/?url=https%3A%2F%2Fpromos.betano.de%2F&guid=ON&script=0&data=&ct_cookie_present=false&random=2121540118&sscte=1&crd=&pscrd=IhMI9cu4m6nIgwMV9uQ7Ah2KwAlx&is_vtc=1&ocp_id=RAyZZfWZFvbJ78EPioGniAc&cid=CAQSKQAvHhf_2MmWAY00EEdSBjyqteAAU4Xunyjr9AisFAvhxyLG3FDb-fbo&random=805159610&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

activityi;dc_pre=CPubv5upyIMDFZHtOwIdHT0GTg;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F
12738953.fls.doubleclick.net/ Frame 15EA
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F?
https://12738953.fls.doubleclick.net/activityi;dc_pre=CPubv5upyIMDFZHtOwIdHT0GTg;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F?

0
0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BD0D 0
0 64ms
64ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cjg2cQwyZZbjEOv-N7_UPzPaF8AeO6-OUdajY2rOzErnu8MiqARABIN3Wrh5glYKAgJQHoAGhwJjxKMgBAeACAKgDAcgDCqoEzgJP0HNbi9YadSaCH_wKD6h5onYx32I1CSwQvjym7NlSdYp92whG4j8qGYkXdWqDdss9rsHvtCm4M4Qc-RiK7r45m6PGEBGC7B6xVY4B2eST0F_XrEjMvkcoV0vWVUWTqAJExgr6o9QXVzcOBnTxRtmO6aM4Z-OaTR6vEG43ULmm-PNUwCQtVZQ1APCIk_gtDJHPMSN-N3ztGwTGuZ-crHjYQys0jS20UQDQITxMTCZeTyV1XfyNuRkcNhUN7hiVqBh8PqRtdSxlaUh-FnYV_CEJFvm8RiHPyjK2Z1aH0lX-HdwGqND7Ss5nlzmsM0wQv9sBF7nlVZhFUQPnauYbl4KI6mkuNdo6TRYpALpHT6hTxu29t-z82NymQTrimEngVhEHbKetrYmS9apdRZjYZHvijbIe2hl34ARtD4MbWTjJEGk2yDsf332eURJDrNMVwASLtriDxgTgBAGIBevkwK1NkgUECAQYAZIFBAgFGASAB538pKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQoosL0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj6xsKaqciDA5oJgQJodHRwczovL3d3dy50ZW11LmNvbS9kZS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTc2fmRlfkVVUiZnb29kc19pZD02MDEwOTk1MjE1MDkwMjgmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTQwNjg5Mi0xJnRvcGljX2NsYXNzaWZ5PTEyNIAKA8gLAaIMCCoGCgS7u7EC4g0TCJz8wpqpyIMDFf_GuwgdTHsBftgTDNAVAYAXAbIXHgocCAASFHB1Yi05MDQ1ODA3MDQyNjA0MDUzGOGeBw&sigh=O9oziRohQi4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_CAGRBBIK36IhTwtl_qgmjZNW6DgLQmb6JSotPPS36hPE83NwcUN7z-2BEpjPsscQPPh1OhPdGAE&cbvp=2
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 200 84128449ca9c1ad4 Show response
promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7F8B 0
252 B 42ms
42ms XHR
text/plain 2606:4700:4400::ac40:9754
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.de/cdn-cgi/challenge-platform/h/g/jsd/r/84128449ca9c1ad4

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9754 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 8412844b9c341ad4-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 slick.css
landingpages.kaizengaming.com/layout/ Frame 2885 2 KB
667 B 41ms
40ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: WZ31BB/YyxPVIgu7I3iKsw==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D32ED756"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7bdf1e7a-201e-0006-64e3-1521bd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad461a6d-FRA

GET
H2 200 slick-theme.css
landingpages.kaizengaming.com/layout/ Frame 2885 3 KB
1 KB 40ms
38ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/slick-theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: UpLamLxcSvAJaktpLARRvQ==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:12 GMT
server: cloudflare
etag: W/"0x8DBA4A5D316E60C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 257fadc4-b01e-0066-19cf-155d22000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad471a6d-FRA

GET
H2 200 css-fonts.css
landingpages.kaizengaming.com/layout/ Frame 2885 4 KB
529 B 43ms
42ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-fonts.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pvSNyxtpXpV4jwDcVBs+8g==
age: 767
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1600014"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c05df385-d01e-0060-7eac-166e9d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad481a6d-FRA

GET
H2 200 css-common.css
landingpages.kaizengaming.com/layout/ Frame 2885 944 B
600 B 47ms
46ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-common.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 5eGR2sXfZgOapde0CV8YSg==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D14E9D7C"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f36275d2-d01e-0060-0d76-226e9d000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad491a6d-FRA

GET
H2 200 css-landing.css
landingpages.kaizengaming.com/layout/ Frame 2885 8 KB
2 KB 44ms
43ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-landing.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: JDqCfcVQtN58am64kAmqvg==
age: 1169
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D168B161"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9e377160-101e-006f-6eac-2118f1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad4a1a6d-FRA

GET
H2 200 css-desktop.css
landingpages.kaizengaming.com/layout/ Frame 2885 5 KB
1 KB 46ms
45ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-desktop.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: AOVpmo2f/4Wn1SoTquvjVA==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D1574ECA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 72bda778-201e-0029-456f-222c76000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad4c1a6d-FRA

GET
H2 200 css-tablet.css
landingpages.kaizengaming.com/layout/ Frame 2885 4 KB
1 KB 47ms
47ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-tablet.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Mr2IdhRK+4IeBy7KcyoBtQ==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D18E0E3F"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7744b549-401e-0062-5a99-16d025000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad4f1a6d-FRA

GET
H2 200 css-mobile.css
landingpages.kaizengaming.com/layout/ Frame 2885 3 KB
1 KB 45ms
45ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-mobile.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: y0J3Tr1dgXYbzTPMrvAM5Q==
age: 1136
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D171FED7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6cddab82-201e-0016-6b35-23e4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad511a6d-FRA

GET
H2 200 css-betano_theme.css
landingpages.kaizengaming.com/layout/ Frame 2885 8 KB
1 KB 44ms
44ms Stylesheet
text/css 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/layout/css-betano_theme.css
Requested by: Host: landingpages.kaizengaming.com
URL: https://landingpages.kaizengaming.com/layout/css-betano.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landingpages.kaizengaming.com/layout/css-betano.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: D6htD+uya4gpW6XLW/HaDw==
age: 767
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 13:27:09 GMT
server: cloudflare
etag: W/"0x8DBA4A5D13C50A6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 916d0452-901e-0013-1080-12360e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844bad531a6d-FRA

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B71 42 B
404 B 117ms
60ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMHYeRVjC3v067Ay_2Q5FPFof_JrR5VK9rNWse2An63lmn6cWi7InfeO-dm-n1zpRJsz9iwyiWnVp06RXiqaHaaQfqv9keUV1MeHLxDp9EJ7MMz0D-yu9Bz1IT9HoR9417VzlcqLkJUJJ68HALwOJafA&sig=Cg0ArKJSzHoiwz1BDe3REAE&id=lidar2&mcvt=1032&p=292,250,402,1350&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3090499511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704528963181&rpt=193&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2885 274 KB
91 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W0C280Z7PP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa2cdebb52c711e64ee4f3b826fb1ef67d65fa1a51152bf3bdb7675acb96f04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 08:16:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2885 265 KB
86 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SJLCV23YJW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce0512a663731e2c442f141e7d6ac70f8aceae8eddafbe2111efbc175ece54fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 08:16:04 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/ Frame 2885 3 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/763238947/?random=1704528964442&cv=11&fst=1704528964442&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&top=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&hn=www.googleadservices.com&frm=2&tiba=BETANO%20MODE&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b910b05404830b824ac63660b831e5f19a648fdd44d898dc30c3f7c3b8cebc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2885 52 KB
21 KB 20ms
20ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 07:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1667
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 06 Jan 2024 09:48:17 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 2885 41 KB
18 KB 108ms
48ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: 7ZZqqAP53qXnZR2Gn2sPBMs2kSpDmxFOJyziHg1zByzjjjxIsIolGg==

GET
H2

200

activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... Show response
12738953.fls.doubleclick.net/ Frame 9227
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...

605 B
439 B

63ms
63ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

e9df9b7d4abebd1440d6025e48ff478ff7290dd4196936de3673ac95c9934294

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Sat, 06 Jan 2024 08:16:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u... Show response
12738953.fls.doubleclick.net/ Frame 125B
Redirect Chain

https://12738953.fls.doubleclick.net/activityi;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...

605 B
438 B

65ms
64ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

a5d732b00bb4cd8b2099c786abeed20fe58f925be42120693f4c0c24c094b508

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Sat, 06 Jan 2024 08:16:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 2885 81 KB
31 KB 146ms
32ms Script
application/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MN2KPC6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000a56da2566bc5e761-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2885 202 KB
53 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 08:16:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: mIe+7rHwOmc1h8ZV9NepnRQc39HSlpe+z8cqBYBUu3yjhb24oLsR7j4/dcwOS9kCYqUJuDJCLXypFHef0sbT5g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 2885 45 KB
13 KB 96ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 06 Jan 2024 08:16:04 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45094FA349C745DDB6130F5BBBF3F231 Ref B: FRAEDGE1213 Ref C: 2024-01-06T08:16:04Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 mgsensor.js Show response
a.mgid.com/ Frame 2885 15 KB
5 KB 178ms
127ms Script
application/javascript 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1704528964456

Requested by

Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e5a642af-51b2-4d3b-9bfe-ca9d35d2f058
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8412844c3ec45d85-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe Show response
visuals.kaizengaming.com/scripts/ Frame 3AFC 3 KB
2 KB 111ms
56ms Document
text/html 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71cfca93fe4fc24092daa815de2b6d171e53d10418844a9cb61ae9c22d025096

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
age: 727
cache-control: public, max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 8412844c4b5e371c-FRA
content-encoding: gzip
content-md5: pRIJ2/N21dbBjDWXiJP+cQ==
content-type: text/html
date: Sat, 06 Jan 2024 08:16:04 GMT
expires: Sat, 06 Jan 2024 12:16:04 GMT
last-modified: Wed, 29 Mar 2023 06:31:05 GMT
server: cloudflare
vary: Accept-Encoding
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f66bf41a-b01e-0048-4ac6-21c8e4000000
x-ms-version: 2011-08-18

GET
H2 200 index.html Show response
landingpages.kaizengaming.com/de-sport/ Frame 2885 11 KB
4 KB 120ms
61ms XHR
text/html 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://landingpages.kaizengaming.com/de-sport/index.html
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199380fd1a8d8cdf246e72f2df0137277b6a7dbcdf63219ebae6606d8e182e09

Request headers

Accept: */*
Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
content-md5: vDXYtocVpM49uPnBc9xNFw==
age: 148688
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a01fb941-401e-002f-351e-3f1fc9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844c5e829b77-FRA

GET
BLOB 200
OK 5db08361-cf94-4a45-9148-f139d0018fe3
https://promos.betano.de/ Frame 2885 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://promos.betano.de/5db08361-cf94-4a45-9148-f139d0018fe3
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 2885 2 KB
722 B 21ms
20ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 07:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jan 2024 08:51:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 2885 0
11 B 28ms
27ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promos.betano.de%2Fwillkommenspaket%2Findex.html&tdp=G-W0C280Z7PP;79569639;1;6;0&z=0

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ Frame 2885 0
15 B 28ms
27ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=promos.betano.de%2Fwillkommenspaket%2Findex.html&tdp=G-W0C280Z7PP;79569639;1;6;0&z=0
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 2885 0
11 B 37ms
36ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtcrossdomain.1ogtreferralexclusion.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogtcrossdomain.2ogtreferralexclusion.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 2885 0
11 B 36ms
36ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=gtag.config&eid=1&u=AAAAggAIAAAAACA&h=Ag&epr=1G.3G&tr=1gct&ti=1gct&z=0

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 2885 0
11 B 37ms
37ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=*&eid=8&u=AAAAggAIAAAAACA&h=Ag&z=0

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 2885 0
11 B 35ms
34ms Image
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-W0C280Z7PP&v=3&t=t&pid=819391497&cv=6&rv=4130&tc=21&es=1&e=gtm.dom&eid=9&u=AAAAggAIAAAAACA&h=Ag&z=0

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 234568464078651 Show response
connect.facebook.net/signals/config/ Frame 2885 133 KB
35 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/234568464078651?v=2.9.139&r=stable&domain=lp.cleverwebserver.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 08:16:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35406
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8QwwsoHxC6TFyKfAEeUtNnSm8QTSNjfDZnxoR2BP1P49xBcq1hW5l+2v7Y5hAeGYrNssF32qndBKw5dhCq4AKA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame 9227 42 B
401 B 111ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CKLov5upyIMDFVbLOwId17wD_A;src=12738953;type=despo0;cat=despo0;ord=5587437305606;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
adservice.google.com/ddm/fls/z/ Frame 125B 42 B
107 B 111ms
61ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152

Requested by

Host: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CMnxv5upyIMDFYfIOwIddX8H_g;src=12738953;type=deaff0;cat=deaff0;ord=4592301623775;gtm=45He4130v79977643;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12738953.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/763238947/ Frame 2885 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/763238947/?random=1704528964442&cv=11&fst=1704528000000&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_ubvE-otCmrlFMK0cgRzEcn4lQM_C9NHtsVEwe3sHRT8UtQ1W&random=2988933683&rmt_tld=0&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/763238947/ Frame 2885 42 B
64 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/763238947/?random=1704528964442&cv=11&fst=1704528000000&bg=ffffff&guid=ON&async=1&gtm=45He4130v79977643&u_w=1600&u_h=1200&url=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&frm=2&tiba=BETANO%20MODE&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_ubvE-otCmrlFMK0cgRzEcn4lQM_C9NHtsVEwe3sHRT8UtQ1W&random=2988933683&rmt_tld=1&ipr=y

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame 2885 230 B
408 B 113ms
23ms XHR
application/json 18.192.108.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: dd.betano.de
URL: https://dd.betano.de/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.192.108.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-108-144.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 307a3313b3774df5f1cb9210a260a25c58397dcbe220e67e19dd8d6ca3ead6e7

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 230
expires: 0

GET
H2 200 spn_Sporting_CP2_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 19 KB
19 KB 59ms
51ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sporting_CP2_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: mwHkbVJHeMadNj4jxLZolA==
age: 764
content-length: 19119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D9ECA52"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d6be31be-d01e-005f-461e-3fa63e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde5c1a6d-FRA

GET
H2 200 spn_Benfica_2021_8_13_15_24_29_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 28 KB
28 KB 82ms
74ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Benfica_2021_8_13_15_24_29_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: oEUX3HqfuPUvYFG+QZJ9tQ==
age: 764
content-length: 28849
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D29ABCF"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4b92f593-401e-0010-451e-3fd76a000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde611a6d-FRA

GET
H2 200 spn_FC_Porto_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 24 KB
24 KB 81ms
73ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC_Porto_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: jSdk+PY50XexolMJPt5Q0Q==
age: 764
content-length: 24710
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D5855F3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: c4485eba-101e-001d-1d1e-3f1fbe000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde641a6d-FRA

GET
H2 200 spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 25 KB
25 KB 79ms
71ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_osfp210X210_b_b_2019_8_14_8_57_11_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: JhbPFXjZywCGfmkqf6Kweg==
age: 764
content-length: 25859
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D8D8ED3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 68585222-b01e-002b-051e-3f92ce000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde661a6d-FRA

GET
H2 200 spn_Logo_Panathinaikos-01-3%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 19 KB
20 KB 79ms
72ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Logo_Panathinaikos-01-3%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: XMp6ffG72oNhRO1DDx+D8g==
age: 764
content-length: 19885
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D754F8B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 92806083-301e-0078-5b1e-3fb1fa000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde671a6d-FRA

GET
H2 200 spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 19 KB
20 KB 59ms
52ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_stxmn_xorigies_footer_210x210_paok_b_2019_8_14_8_59_31_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: ZWskDbpA4tguY75DycNraw==
age: 764
content-length: 19873
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DA6DF70"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 92756cba-201e-0016-261e-3fe4d5000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde681a6d-FRA

GET
H2 200 spn_apoel%20footer_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 18 KB
18 KB 77ms
70ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apoel%20footer_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: bqT5Gi69cDmYsDYa4bEKsQ==
age: 764
content-length: 18469
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D122FAB"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 92f9bec8-e01e-0019-041e-3f92b9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde691a6d-FRA

GET
H2 200 spn_apollon-logo-210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 23 KB
23 KB 80ms
73ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_apollon-logo-210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: GASNhmiazNjE2gYaQyS6Dg==
age: 764
content-length: 23572
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D195A91"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 88d11fd5-201e-0006-4a1e-3f21bd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde6a1a6d-FRA

GET
H2 200 spn_fcsb%20210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 22 KB
23 KB 59ms
53ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_fcsb%20210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: SBVluZQtT7yiLEiEDAA5aQ==
age: 764
content-length: 22894
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D5F80D9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bb42a00e-501e-0041-651e-3f4ae6000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde6b1a6d-FRA

GET
H2 200 spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 18 KB
18 KB 79ms
72ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_craiova%20fc%20logo_210x210%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: OKKcJspihS+zi860B9s0Bw==
age: 764
content-length: 18147
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D42AE4F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: a67eff77-001e-004c-691e-3f8232000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde6d1a6d-FRA

GET
H2 200 spn_Sparta.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 5 KB
5 KB 56ms
50ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_Sparta.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: /0mt5FHZVIAjX94uZVR7dA==
age: 764
content-length: 5318
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E0B108E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 40a9d9a3-d01e-0012-401e-3f69d2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde701a6d-FRA

GET
H2 200 spn_FC%20Viktoria%20Plzen.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 17 KB
17 KB 77ms
72ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_FC%20Viktoria%20Plzen.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: QZwghOjpQSeiH/VC0Pp+5g==
age: 764
content-length: 17257
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D512B17"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4f1533d9-a01e-0018-271e-3fcd65000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde711a6d-FRA

GET
H2 200 spn_PFC%20Locomotiv.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 17 KB
17 KB 77ms
72ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_PFC%20Locomotiv.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: n8zLW8cpLiU4kbUrGnwtDw==
age: 764
content-length: 17581
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357D9492A8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d5d169c9-601e-0075-061e-3f792e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde721a6d-FRA

GET
H2 200 spn_atleticologo_whiteoutline_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 15 KB
15 KB 77ms
71ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_atleticologo_whiteoutline_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: exAxLiOKF1ZQ22Z4FzBs+g==
age: 764
content-length: 15119
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D20AC77"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 41821f4f-601e-0065-251e-3fbc46000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde741a6d-FRA

GET
H2 200 spn_logo_fluminense%20(1)_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 23 KB
23 KB 78ms
73ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_logo_fluminense%20(1)_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: 3yDwl8syJHaDX8oSywlAEw==
age: 764
content-length: 23395
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D6DD690"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ab366cec-901e-0071-441e-3ff429000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde751a6d-FRA

GET
H2 200 spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 15 KB
15 KB 78ms
73ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/spn_CHUNCHO_CLUB%20U%20DE%20CHILE%20210x210_b%201.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: Jj6jwZ8PUpg8EK5z52QngQ==
age: 764
content-length: 15040
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357D3B355D"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e0c7eed4-a01e-0055-101e-3f0289000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde761a6d-FRA

GET
H2 200 FBCMELGAR.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 31 KB
31 KB 77ms
72ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/FBCMELGAR.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: laAoZTUUiqFTjoKqlD93JA==
age: 763
content-length: 31523
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DF4308E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 7f6335e9-701e-000b-111e-3fe969000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde771a6d-FRA

GET
H2 200 KOMETA.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 80ms
76ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/KOMETA.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: X1Is2lD/8CCkI96L9PqC6Q==
age: 764
content-length: 6098
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E025F49"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f8575a5a-f01e-0048-591e-3f0f35000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cde791a6d-FRA

GET
H2 200 logo_pce2.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 9 KB
9 KB 79ms
74ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo_pce2.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: Wdb5g3cD4eZh2Tm0CyXe6A==
age: 763
content-length: 8998
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357E11ED51"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6da9fa02-d01e-002d-631e-3fa171000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe891a6d-FRA

GET
H2 200 logo-betano.svg
landingpages.kaizengaming.com/de-sport/ Frame 2885 22 KB
6 KB 78ms
74ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/logo-betano.svg
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: /8PMtJkMzUjtMFEegZIHcw==
age: 763
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: W/"0x8DC0D357D0B04CC"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5421f5e0-901e-005e-3e1e-3ff9e2000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
cf-ray: 8412844cfe8b1a6d-FRA

GET
H2 200 awd_egr-award-2022-operator-of-the-year.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 4 KB
5 KB 78ms
74ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-operator-of-the-year.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: aXcrchTaRow4V+J4yNZSjQ==
age: 763
content-length: 4512
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DCE37B5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4bf87d9b-801e-0052-101e-3f6eea000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe8c1a6d-FRA

GET
H2 200 awd_egr-award-2022-sports-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 5 KB
5 KB 79ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2022-sports-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: eXjGNE64RFjnYc6aOBQYqw==
age: 763
content-length: 4692
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:37 GMT
server: cloudflare
etag: "0x8DC0D357DDC8D6A"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 62c812a1-201e-004b-301e-3fee51000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe8d1a6d-FRA

GET
H2 200 awd_egr-award-2021-football-betting-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 77ms
74ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-football-betting-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: QL48N56WPpNnD2BJCbdfrQ==
age: 763
content-length: 6010
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C70627F"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 582428ec-a01e-0037-1d1e-3fc0ae000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe8e1a6d-FRA

GET
H2 200 awd_egr-award-2021-customer-services.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 4 KB
5 KB 77ms
73ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2021-customer-services.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: p3VebR5AVw3QzT/Awp05+w==
age: 763
content-length: 4583
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C68746C"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f8575aa4-f01e-0048-111e-3f0f35000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe8f1a6d-FRA

GET
H2 200 awd_egr-award-2019-mobile-operator.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 79ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_egr-award-2019-mobile-operator.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: 44fs+40EJE8j1DmLrNorsQ==
age: 763
content-length: 6296
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C5DA09A"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b8e64844-201e-0039-751e-3fe91e000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe901a6d-FRA

GET
H2 200 awd_sbc-awards.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 78ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/awd_sbc-awards.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: +S8h4H5YiK6h8Y4RwrAOJQ==
age: 763
content-length: 6301
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357C90DDF5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f92ac04a-701e-0034-041e-3f21ca000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe911a6d-FRA

GET
H2 200 icon-ios.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 78ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-ios.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: j0GjjlDNvp6PdAbk4d+Rqg==
age: 763
content-length: 5932
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CD6B62E"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ef51eb6a-001e-002e-1a1e-3f4015000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe921a6d-FRA

GET
H2 200 icon-android.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 6 KB
6 KB 93ms
90ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-android.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: Xcsdo6ehQR3VQfTMT595Zw==
age: 763
content-length: 5944
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CC0244B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 88d12075-201e-0006-5e1e-3f21bd000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe941a6d-FRA

GET
H2 200 icon-instagram.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 2 KB
2 KB 79ms
76ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-instagram.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: AUubypnMN2JeRlPkf9zpnQ==
age: 763
content-length: 2235
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CCFD966"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: fe389188-f01e-0005-7b1e-3fc0d9000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe961a6d-FRA

GET
H2 200 icon-facebook.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 1 KB
2 KB 78ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-facebook.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: DmyyMSlBYTT52o9Zn45TeA==
age: 763
content-length: 1446
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CC72817"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d0d8e63b-a01e-0045-4f1e-3fc7e1000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe971a6d-FRA

GET
H2 200 icon-youtube.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 2 KB
2 KB 77ms
75ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-youtube.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: Io37aBC4ERo7T8rJ2LvIeQ==
age: 763
content-length: 1674
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:36 GMT
server: cloudflare
etag: "0x8DC0D357CEC5DCD"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6d7ac1bb-d01e-0002-241e-3facba000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe981a6d-FRA

GET
H2 200 icon-linkedin.png
landingpages.kaizengaming.com/de-sport/ Frame 2885 2 KB
2 KB 78ms
76ms Image
image/png 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landingpages.kaizengaming.com/de-sport/icon-linkedin.png
Requested by: Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: HIT
content-md5: T9Bl2/9ajIjSJ/Oj1zQkFw==
age: 763
content-length: 1615
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 04 Jan 2024 14:57:35 GMT
server: cloudflare
etag: "0x8DC0D357CDDBA00"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ec3085e7-f01e-0077-4d1e-3fc796000000
cache-control: public, max-age=900, immutable
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8412844cfe9a1a6d-FRA

GET
H2 200 64ee070c262380ef28e936b2 Show response
visuals.kaizengaming.com/a/ Frame 3AFC 64 KB
21 KB 56ms
54ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 8412844cdbce371c-FRA
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H2 204 137000673.js Show response
bat.bing.com/p/action/ Frame 2885 0
116 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137000673.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 06 Jan 2024 08:16:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F18161FC20A7475B9569FC6785696B5F Ref B: FRAEDGE1213 Ref C: 2024-01-06T08:16:04Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 2885 0
285 B 112ms
112ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137000673&Ver=2&mid=a3f43784-06a3-4be3-8068-128af88996be&sid=d5f468f0ac6b11ee9feb65c0eb516fb3&vid=d5f465f0ac6b11eebd96e94b4a0b5348&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=BETANO%20MODE&p=https%3A%2F%2Flp.cleverwebserver.com%2F&r=&lt=425&evt=pageLoad&ifm=1&sv=1&rn=759196

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 08:16:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF1749229C694C3DAC25453734F041B0 Ref B: FRAEDGE1213 Ref C: 2024-01-06T08:16:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2885 0
54 B 20ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=234568464078651&ev=PageView&dl=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&rl=https%3A%2F%2Flp.cleverwebserver.com%2F&if=true&ts=1704528964619&sw=1600&sh=1200&v=2.9.139&r=stable&a=tmgoogletagmanager&ec=0&o=4126&ler=other&it=1704528964542&coo=false&rqm=GET

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 08:16:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

main.js Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame C754
Redirect Chain

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

26ms
26ms

Script
application/javascript

2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=

Protocol

Server

2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7438e1988be31810a7af4da24dc0a635ec150ec617c21a29bc29c052395f3b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8412844d3c04371c-FRA

Redirect headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8412844cfbdc371c-FRA

GET
H2 200 59013e41-1b63-4d8e-a887-ea6d3795d988.js Show response
tr.snapchat.com/config/de/ Frame 2885 177 B
445 B 125ms
33ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/de/59013e41-1b63-4d8e-a887-ea6d3795d988.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Origin: https://promos.betano.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 59AE 0
201 B 125ms
34ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&u_scsid=58e0978e-1071-4ffc-9618-9768253616f8&u_sclid=06441328-3dcd-49b1-b924-0f256af753f8

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 08:16:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ Frame 2885 68 B
296 B 124ms
34ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=59013e41-1b63-4d8e-a887-ea6d3795d988&ev=PAGE_VIEW&intg=gtm&pids=59013e41-1b63-4d8e-a887-ea6d3795d988&u_c1=4c4f322f-d512-498b-a2b3-ec6ab57b27f8&u_sclid=06441328-3dcd-49b1-b924-0f256af753f8&u_scsid=58e0978e-1071-4ffc-9618-9768253616f8&bt=1d53c387&d_bvs=%5B%5D&huah=true&if=true&m_dcl=424&m_ic=true&m_pi=419&m_pl=0&m_pv=2&m_rd=753&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Flp.cleverwebserver.com%2F&rf=https%3A%2F%2Flp.cleverwebserver.com%2F&trackId=92e9e09c-7f44-4714-9eff-584dae894559&ts=1704528964624&v=3.8.0-2401042024

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 2885
Redirect Chain

https://s2.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.d...
https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betan...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos....

121 B
724 B

31ms
31ms

Script
text/javascript

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 194
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=betano.de%7CSportsbook&ADFdivider=%7C&ord=534384445301&ADFtpmode=2&itm=eyJ2YXIxIjoidW5kZWZpbmVkIn0&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 2885
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2F...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspak...

125 B
725 B

31ms
31ms

Script
text/javascript

37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 196
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2776363&ADFPageName=DE%20Affilaite%20Remarketing&ADFdivider=%7C&ord=188935869466&ADFtpmode=2&loc=https%3A%2F%2Fpromos.betano.de%2Fwillkommenspaket%2Findex.html%3Fbtag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&CPref=https%3A%2F%2Flp.cleverwebserver.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 document.000000CF16561F.js Show response
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/ Frame 3AFC 177 KB
27 KB 38ms
38ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/published/5643592/7988958/document.000000CF16561F.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: rIrlDQ43Y2HScKgRpGejWA==
age: 329
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 15:35:17 GMT
server: cloudflare
etag: W/"0x8DBE6B9A2912048"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 63e075c3-201e-005a-711a-1db334000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 8412844d3c0e371c-FRA
expires: Sun, 05 Jan 2025 08:10:35 GMT

GET
H2 200 animated-creative.381532d5d5de3962867f.js Show response
visuals.kaizengaming.com/scripts/ Frame 3AFC 156 KB
53 KB 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 7/+J+TpFL/6K7/yG6MNwEg==
age: 329
x-ms-lease-status: unlocked
last-modified: Tue, 14 Nov 2023 09:16:12 GMT
server: cloudflare
etag: W/"0x8DBE4F258FA183A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3ad2981a-d01e-002c-0621-24397c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2011-08-18
cf-ray: 8412844d3c0f371c-FRA
expires: Sun, 05 Jan 2025 08:10:35 GMT

POST
H2 200 8412844c4b5e371c Show response
visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C754 0
254 B 55ms
55ms XHR
text/plain 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/8412844c4b5e371c
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8412844dbc49371c-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 19ms
19ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 08:16:04 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 316
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-etou8220038-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1704528965.764848,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 99
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 2220

GET
H2 200 1x1.gif
a.mgid.com/ Frame 2885 43 B
107 B 118ms
118ms Image
image/gif 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=714661&type=c&tg=&r=https%3A%2F%2Flp.cleverwebserver.com%2F&nv=0&clid=&d=1704528964756

Requested by

Host: promos.betano.de
URL: https://promos.betano.de/willkommenspaket/index.html?btag=a_1152b_2931c_CAABXNMSLADAADE&utm_medium=431&utm_source=2&siteid=1152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promos.betano.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 8412844dcfd85d85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 / Show response
pips.taboola.com/ 4 B
135 B 23ms
22ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230107-FRA
date: Sat, 06 Jan 2024 08:16:04 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 508ms
107ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 08:16:05 GMT
cache-control: no-store
server: nginx

POST
H2 200 p
tr6.snapchat.com/ Frame 2885 0
42 B 142ms
33ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 3AFC 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 96f9e4b5-a726-4e7d-a7a3-3f1e98c9c0a7 Show response
https://visuals.kaizengaming.com/ Frame ABFC 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://visuals.kaizengaming.com/96f9e4b5-a726-4e7d-a7a3-3f1e98c9c0a7
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/animated-creative.381532d5d5de3962867f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 668
Content-Type

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 3AFC 3 KB
4 KB 43ms
43ms Font
font/woff 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F4391e467-37b3-4742-bea0-3fd8d7724a46.woff&t=%20EGIJNRSTZ
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5bdb0f95a5fc715945054849bad72aabd1c2b07a1f3f91cabbe94a7bb34592f

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:16 GMT
server: cloudflare
age: 2068788
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=4391e467-37b3-4742-bea0-3fd8d7724a46-subset.woff
cf-ray: 8412844ebcdc371c-FRA
expires: Sun, 05 Jan 2025 08:16:04 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 3AFC 17 KB
17 KB 50ms
50ms Font
font/woff 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F043e3f84-365c-4321-9c90-7c1294855724.woff&t=%2008ACDEHILNSTVabcdefghilnorstuz%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8723212fbb226459e31e2097a6a538470ac81deed2a03ff5901e8373fe3a14f

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:04 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:18 GMT
server: cloudflare
age: 2068786
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=043e3f84-365c-4321-9c90-7c1294855724-subset.woff
cf-ray: 8412844efd02371c-FRA
expires: Sun, 05 Jan 2025 08:16:04 GMT

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 3AFC 6 KB
6 KB 41ms
41ms Font
font/woff 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2Fb2261d2b-270d-4a56-995b-9f25df05ffcd.woff&t=%20%25-012ABEFINORSTUW%E2%82%AC
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31d72fec0d094979f31ebcd9aac51ec649fff1a4e1e13f99a595eb12ad665555

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:19 GMT
server: cloudflare
age: 2068786
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=b2261d2b-270d-4a56-995b-9f25df05ffcd-subset.woff
cf-ray: 8412844f4d47371c-FRA
expires: Sun, 05 Jan 2025 08:16:05 GMT

POST
H2 200 p
tr.snapchat.com/ Frame 2885 0
92 B 34ms
34ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://promos.betano.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://promos.betano.de
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 font
visuals.kaizengaming.com/fs/api/v2/ Frame 3AFC 5 KB
5 KB 55ms
54ms Font
font/woff 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e3174ae6448e1179cf13c84%2F0ff439d2-b12a-430f-bbee-4de7ec22a2af.woff&t=%20ACDEHIKLMNOPRSTW
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ff38a1a47c5041ece416c0afe61562ac2b914f02e5df0ecd4e51d11b0ddcee

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
Origin: https://visuals.kaizengaming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Dec 2023 09:36:26 GMT
server: cloudflare
age: 2068779
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-disposition: attachment; filename=0ff439d2-b12a-430f-bbee-4de7ec22a2af-subset.woff
cf-ray: 8412844f8d76371c-FRA
expires: Sun, 05 Jan 2025 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 334 KB
334 KB 73ms
69ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F3cca6a95-2ccc-4b24-b704-2a20f97d11af.jpg&w=1213&h=1765&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce83371c-FRA
content-length: 341852
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 56 KB
56 KB 48ms
44ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fe77d9c26-6f64-4321-aa40-30bf97eaa85e.png&w=264&h=327&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 11:14:18 GMT
api-supported-versions: 2.0
server: cloudflare
age: 75707
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce85371c-FRA
content-length: 56928
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 30 KB
30 KB 71ms
67ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F251cd259-6273-46b5-bbf2-d9de173c45ee.png&w=217&h=217&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce86371c-FRA
content-length: 30628
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 13 KB
13 KB 51ms
48ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fd8aa5a9f-d88c-48e4-816d-106a562da729.png&w=133&h=185&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce87371c-FRA
content-length: 13040
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 11 KB
11 KB 57ms
54ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fc0d9d4c9-d111-4df6-949b-4916fa35a25c.png&w=125&h=120&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce88371c-FRA
content-length: 11302
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 6 KB
7 KB 52ms
49ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F6fa76e81-1a2f-4336-a8b6-1baee8c06025.png&w=90&h=37&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce8a371c-FRA
content-length: 6620
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 16 KB
16 KB 72ms
69ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff9124f75-1c52-4bea-af06-084d845e611d.png&w=162&h=164&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce8b371c-FRA
content-length: 16182
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 28 KB
28 KB 55ms
52ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Fcb9e21a8-9abc-4102-a538-be570b2404b3.png&w=356&h=254&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78500
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce8c371c-FRA
content-length: 29032
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 172 KB
173 KB 58ms
55ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F532cefbc-9131-47e7-b840-a3e13b61dfe8.png&w=604&h=697&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:27:46 GMT
api-supported-versions: 2.0
server: cloudflare
age: 78499
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce8d371c-FRA
content-length: 176540
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 7 KB
7 KB 72ms
70ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2Ff1514e3a-d99a-4082-a246-cf6c57fa525d.png&w=150&h=80&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:56:04 GMT
api-supported-versions: 2.0
server: cloudflare
age: 76801
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce90371c-FRA
content-length: 6958
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 optimize
visuals.kaizengaming.com/io/api/image/ Frame 87C0 8 KB
8 KB 69ms
66ms Image
image/webp 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetano-stoiximan%2F5e3174ae9562931f344ad1a5%2Fimages%2F7a763a39-7916-445d-8fae-a6216e685905.png&w=174&h=69&q=99&f=webp&rt=contain
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Jan 2024 10:56:04 GMT
api-supported-versions: 2.0
server: cloudflare
age: 76801
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 84128450ce92371c-FRA
content-length: 7696
expires: Sun, 07 Jan 2024 08:16:05 GMT

GET
H2 200 a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 462 B
433 B 55ms
53ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/a81fba0d-00f3-4513-ae96-d2e9de4e35c9.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: db1RviXCYsfCGJyPhdZBgQ==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082775296F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 155afce1-101e-0041-653e-148d37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce94371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 e97b0b38-2076-4e93-b438-b20020972f61.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 712 B
516 B 54ms
51ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/e97b0b38-2076-4e93-b438-b20020972f61.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Wj2Rm4rI4ts1bvK6/OwKuA==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278220AD"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d7f80551-b01e-0015-4c4e-23c260000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce95371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 716 B
801 B 68ms
65ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/6d5c7812-5f89-45cd-ab6d-c542e499b1fa.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: wOI1kvcZ2lxVvarwrZkpVw==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827807321"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: aea690bf-801e-001e-745c-14390b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce97371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 699 B
516 B 53ms
51ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/44fd3f8b-5a25-42a7-a98f-996de4abd146.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 6T5iHY4kR/cqRXlJfcIgeg==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827A0A29B"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5f5eb61b-501e-000d-7080-131d07000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce98371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 50881c1d-287e-498a-abef-0967eee64053.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 705 B
525 B 49ms
47ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/50881c1d-287e-498a-abef-0967eee64053.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: OGNNML/bbmYzG3WVI4K2vw==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB98082797A2B0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4348f4a3-001e-005d-6b15-24df57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce9a371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 68caeb64-8770-4732-8cdc-b287d26e232f.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 711 B
782 B 48ms
46ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/68caeb64-8770-4732-8cdc-b287d26e232f.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: H8vQZgECIVhMUK6iBn/x3A==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808278D9165"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 11f5f813-f01e-0059-6d3d-235250000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce9e371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 713 B
523 B 56ms
55ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/c7fea8b5-896d-4d27-bcfc-3d8e40cc4ee2.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: PGPRbIvWC6EgP2XMl5G9Xw==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279A137F"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6d014e49-a01e-0054-2530-159a84000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450ce9f371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 701 B
521 B 51ms
50ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/d5e4cd03-efef-48fe-94f1-4867b321bfec.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kbsYe45EOgyN0lklvpvsrA==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB9808279B4BE1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9cbbf2d1-b01e-0005-5eb9-210708000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450cea3371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 4d170477-b2d8-4716-ba89-5383a384fb5e.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 701 B
517 B 71ms
70ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/4d170477-b2d8-4716-ba89-5383a384fb5e.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: CP5dckuzFGRJ6dKK7x8ltA==
age: 151
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 12:08:19 GMT
server: cloudflare
etag: W/"0x8DB980827905047"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 297bf6b8-001e-0062-4058-1417f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450cea4371c-FRA
expires: Sat, 06 Jan 2024 12:13:34 GMT

GET
H2 200 721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 2 KB
1 KB 70ms
69ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/721e32ef-455d-42fa-8428-1ae5fb319ab9.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: dIIZsAgREGCk+L7z+CtKvA==
age: 428
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 10:33:34 GMT
server: cloudflare
etag: W/"0x8DB998D3FC6613A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bb2a52d8-b01e-003a-7c32-23cfab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450deac371c-FRA
expires: Sat, 06 Jan 2024 12:08:57 GMT

GET
H2 200 7d019101-6c40-47bf-b456-9289e9bf3d69.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 454 B
505 B 78ms
77ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/7d019101-6c40-47bf-b456-9289e9bf3d69.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Fe9zUTUCieFRBF6mOTWgjw==
age: 149
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CD7BF6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ffbd2e9f-601e-0016-3f14-242304000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450deaf371c-FRA
expires: Sat, 06 Jan 2024 12:13:36 GMT

GET
H2 200 f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/ Frame 87C0 2 KB
1 KB 65ms
64ms Image
image/svg+xml 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visuals.kaizengaming.com/accounts/betano-stoiximan/5e3174ae9562931f344ad1a5/images/f32d22d9-d683-4c02-9855-0e5fcd20e25b.svg
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 52m6i3E5yoDqe8bIckaoJg==
age: 428
x-ms-lease-status: unlocked
last-modified: Tue, 08 Aug 2023 09:01:14 GMT
server: cloudflare
etag: W/"0x8DB97EE04CF5095"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d16e2380-401e-003e-7e04-2442ac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2011-08-18
cf-ray: 84128450deb1371c-FRA
expires: Sat, 06 Jan 2024 12:08:57 GMT

GET
H2 200 dw-check.html Show response
experiences.mrf.io/marfeelpass/statics/ Frame 7AAB 3 KB
1 KB 141ms
48ms Document
text/html 2606:4700:3033::6815:325a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1429
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 84128451ca48f0b7-CDG
content-encoding: gzip
content-type: text/html
date: Sat, 06 Jan 2024 08:16:05 GMT
last-modified: Thu, 23 Nov 2023 12:08:24 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-envoy-upstream-service-time: 2

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 140 B
839 B 432ms
424ms XHR
application/json 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9211112d22ac897d5f930ce7465819ec0ca8df5ed1f20d81ea549cbf55e9eb21

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
server: cloudflare
etag: W/"8c-npER5KW1+RlGWutHeM0x8U5L0hA"
vary: Origin
access-control-max-age: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBTTDTJREWmtvhvHc5Rzm2qywQIcfh7So%2F5%2BZsmMqq93daWESqvrDlvPulrY2CK1V%2FZ7rA55BWXWVLNa%2BJ8ITwNUlduhVuhopb6cedvOM%2BcWqUc56TNKA64YnZBFYtPtSjCKG0if88twTtp7CNIv3%2F0s9Q%2BH7iY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84128451489a5d96-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
71ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb6ca11122edd60bca8ef69663d73d5d5999919b0f69566c307daa663d315425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&RedC=c.clarity.ms&MXFR=187AE444B48364440044F7BAB0836A56
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&MUID=1668188008C36AE808FF0B7E09116B25

42 B
441 B

54ms
54ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&MUID=1668188008C36AE808FF0B7E09116B25
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:05 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46F21CFD664044328D821D159AA4B7B9 Ref B: FRAEDGE1213 Ref C: 2024-01-06T08:16:05Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7ECD10C0EFAF4E9EA0C5E650DFE2C41A&MUID=1668188008C36AE808FF0B7E09116B25
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 ingest.php
events.newsroom.bi/ 2 B
795 B 34ms
32ms Ping
application/json 162.19.96.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.96.32 , France, ASN16276 (OVH, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2

POST
H2 200 /
visuals.kaizengaming.com/tr/v2/pixel/ Frame 3AFC 0
81 B 53ms
53ms Ping
text/plain 2606:4700:4400::ac40:934d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://visuals.kaizengaming.com/tr/v2/pixel/
Requested by: Host: visuals.kaizengaming.com
URL: https://visuals.kaizengaming.com/a/64ee070c262380ef28e936b2?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=&container=.creative
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:934d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://visuals.kaizengaming.com/scripts/iframe?did=5dfcfbaa9ed3c30001234cf0&deeplink=on&preload=off&responsive=on&background=Transparent&a=64ee070c262380ef28e936b2&redirecturl=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 841284514f0e371c-FRA
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 08:16:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CEA 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 22:48:15 GMT
expires: Sat, 04 Jan 2025 22:48:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4556 829 B
560 B 30ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8838e15b6fadfbd8d941d27396f275db6960d978da0c41a70ee746e0182332a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PqrYlbSwjgFwM-OcBywJiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PqrYlbSwjgFwM-OcBywJiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 08:16:05 GMT
expires: Sat, 06 Jan 2024 08:16:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4556 0
0 103ms
58ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=4346425991163586&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CEA 39 KB
15 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 11:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 11:09:43 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CEA 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JAQ6RA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
315 B 248ms
248ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 08:16:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=4346425991163586&bg=!7e6l7qHNAAY3kmNgF5I7ADQBe5WfOEBKwB0p_6l-ShCQAHIXvZLLu1Nud2VEu_gsggf6ovSDF7VkYX3vZQEq_Se5c9SzAgAAAEhSAAAAAmgBBwoAHRfbZPTJJ8drlYGnZiPlSpMFUDLhcu1V76Jww_KWmQLDW0Xzl4MbfL6Hdy-a7lzsJHVvxcQtu4GGHnUtYfAXJl5BXurvsMWnjzU0--aDcp3qFa53u8zO6gdReq_j4YjBpvsiTWWhZzPaSrayZ20fm_Ivvt9Mjmyx5CoV5o9owhPzNNh3TQIzEvdMNc3n24SJ_91WmV99ijBwL8Zl3Uc-RC1a1DQn-7WGkF1YYCxoY7fhdKHR8DicW5X3c-66nkr5m7w6to-uM5RrLq2TAzVB88N-0y4wHi2h8sa2r-fhZDEgNNbYYH1z3qBjmbp71nDPrWGy-yA4b8m5M66Od7eDeBTucXUJ3W1dtAvxnz_c3CNozeUFMFkhzUDUPPitBvK3sl5DEy35i-u6zl_ovPOqlkUafScuk2NzZpVdPb_lnp_qA0xrSwHWbraAAL82ACIqbOCSxRxwwk3NLYCRlIZ4yQI30Yd4ZOxuA6-jhqkiBHPyM3sAhHnDECChNn_-o6fUDc2iI8pNQ_82JgpICuG41SVHskpuGruqhWRX7oWJlTP3HfnpyHWJRjFQs1e8P-FRSLv9x4KMwwfdmGLfzLO16jk2oQpgZJ2I5piPE9_EhCEY4ymhKclDejsuxbdE1V9M_xql7tRbUv1ALXAiJgf9CY2J5HazFRn4y6g82FomJFXhsnNoGuJ9wq457TNkG5YLzPMvZcILN-i4O087_Nla3YduiuM-6s5Y5T2ML7i3f6qVy3YOKESES5WjvgNWQ2hUOhF2NtMhMhIHUA2ZITJjYiHjYttw_894r9Ym_QiKbKQm7-60Ex04qdU9VsxC_oGOo1rR7XruUGi8AqCwdEBvnUdWKC72eGX1IobtOPPzkL0DaisaKkqs8v_YsTxt3tosVDAgv6C3w_PGOvN-30DOwlEx87FNT_mzP0iQTw_onn482Q2L4iAl8O7Wq0hPtSZOG4rx_TksJukJYnBsZglKv3KRjUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 46575 Show response
tag.navdmp.com/u/ 497 B
438 B 161ms
160ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/46575
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 06 Apr 2023 18:41:30 GMT
server: cloudflare
etag: W/"642f125a-1f1"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8412845fcbdf9067-FRA
expires: Sat, 06 Jan 2024 09:16:07 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 187ms
70ms Script
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Sat, 06 Jan 2024 08:16:07 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: C52HQWYNTJPCY3CH
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: zs886llTgpA1jx1HSCyxeNY74GAbKdW9STGHIOL+oe5oRLVPCaVk7bALZvh7yh2UMnnJ2ttmq0Y=

GET
H2 200 usr Show response
usr.navdmp.com/ 1 KB
793 B 171ms
171ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87380192a041bbfab8d61325cb01a89d926fad05b7c26bcd25e79f9d983cd41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Jan 2024 08:16:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 84128460cc719067-FRA
expires: Sat, 06 Jan 2024 09:16:07 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
358 B 145ms
56ms Fetch
text/plain 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Jan 2024 08:16:07 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 06 Jan 2024 08:16:07 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
80 B 162ms
161ms Script
application/x-javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13edff756583c91ad987565c4e10%7C0&acc=46575&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84128461ed059067-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=red&dsp=75
https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
https://sync.navdmp.com/sync?prtid=25&sclid=10a22f79-480c-9965-1b09-ed0f1ec14df7

6 B
57 B

159ms
159ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=25&sclid=10a22f79-480c-9965-1b09-ed0f1ec14df7
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 841284628d549067-FRA
content-length: 6
content-type: application/javascript

Redirect headers

date: Sat, 06 Jan 2024 08:16:08 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.navdmp.com/sync?prtid=25&sclid=10a22f79-480c-9965-1b09-ed0f1ec14df7
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=ZZkMSAAMcpSnFwBU
https://sync.navdmp.com/sync?prtid=17&tubid=ZZkMSAAMcpSnFwBU&_test=ZZkMSAAMcpSnFwBU

6 B
57 B

161ms
160ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=17&tubid=ZZkMSAAMcpSnFwBU&_test=ZZkMSAAMcpSnFwBU
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 841284633dc09067-FRA
content-length: 6
content-type: application/javascript

Redirect headers

x-served-by: cache-fra-etou8220046-FRA
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704528968.176157,VS0,VE0
x-cache: HIT
location: https://sync.navdmp.com/sync?prtid=17&tubid=ZZkMSAAMcpSnFwBU&_test=ZZkMSAAMcpSnFwBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=95&redirectUri=https%3A//sync.navdmp.com/sync%3Fprtid%3D21%26dynid%3D%5Bssb_sync_pid%5D&gdpr=0
https://sync.navdmp.com/sync?prtid=21&dynid=9000244689617039543

6 B
57 B

159ms
158ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=21&dynid=9000244689617039543
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84128463fe3c9067-FRA
content-length: 6
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=21&dynid=9000244689617039543
date: Sat, 06 Jan 2024 08:16:07 GMT
content-length: 0

GET
H2

200

sync Show response
sync.navdmp.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=85597320549?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
https://sync.navdmp.com/sync?prtid=38&lotid=

6 B
57 B

158ms
158ms

Script
application/javascript

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.navdmp.com/sync?prtid=38&lotid=
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84128462dd8a9067-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.navdmp.com/sync?prtid=38&lotid=
cache-control: no-cache
x-server: 10.45.16.100
content-length: 0
expires: 0

GET
H2 200 31435 Show response
tags.bluekai.com/site/ 62 B
218 B 235ms
161ms Script
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/31435?id=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 06 Jan 2024 08:16:08 GMT
content-length: 62
content-type: image/gif

GET
H2 200 cm Show response
trc.taboola.com/sg/navegg/1/ 43 B
369 B 28ms
27ms Script
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/sg/navegg/1/cm
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sat, 06 Jan 2024 08:16:07 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7413
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220038-FRA
pragma: no-cache
server: nginx
x-timer: S1704528968.984704,VS0,VE9
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
339 B 142ms
45ms Script
text/plain 34.240.241.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=13edff75657c2e26ef74d27cd410
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Sat, 06 Jan 2024 08:16:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1704528968
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=822&dpuuid=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597320549%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fid%3D85597320549%26adID%3D%24%7BDD_UUID%7D%26img%3D1
https://sync.navdmp.com/sync?id=85597320549&adID=80582435497752200693996765479654130297&img=1

43 B
95 B

272ms
272ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?id=85597320549&adID=80582435497752200693996765479654130297&img=1
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 841284634dc99067-FRA
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-irl1-1-v054-04bfcd41e.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: +I57jDipTdw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://sync.navdmp.com/sync?id=85597320549&adID=80582435497752200693996765479654130297&img=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsync.navdmp.com%2Fsync%3FappNx%3D%24UID%26img%3D1
https://sync.navdmp.com/sync?appNx=5146746622001865410&img=1

43 B
95 B

160ms
160ms

Image
image/gif

2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?appNx=5146746622001865410&img=1
Protocol: H2
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 84128462cd7d9067-FRA
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
an-x-request-uuid: 2da7ab0c-eadb-41ac-863b-5505e8faf824
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.navdmp.com/sync?appNx=5146746622001865410&img=1
x-proxy-origin: 217.114.218.20; 217.114.218.20; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 144ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 08:16:08 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1

0
316 B

28ms
28ms

Image
text/plain

81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://diariodonordeste.verdesmares.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:07 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=45je4130v871351496&_p=1704528961635&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=715184042.1704528962&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704528961&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&_s=2&tfd=9709
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 08:16:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diariodonordeste.verdesmares.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
315 B 121ms
121ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://diariodonordeste.verdesmares.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://diariodonordeste.verdesmares.com.br
Date: Sat, 06 Jan 2024 08:16:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/eureka/clank/120/cast_sender.js

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=esYxfI1C6yTIsSzg&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=553&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=3239&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C153837%2C23126%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C125%2C4558%2C1360%2C8594%2C2008%2C4552%2C4713%2C2233%2C2800%2C233%2C5184%2C1491%2C4473&muted=0&docid=QapS58_46_U

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=a5XnTsacpLaJQLvP&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=732&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=885&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C4014%2C5499%2C4683%2C1360%2C8594%2C2008%2C4552%2C2886%2C531%2C443%2C1780%2C1306%2C2800%2C233%2C6675%2C4473%2C1016&muted=0&docid=2pR204OZkqw

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=3wJftp3hWwCQi8FU&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&lact=813&cl=595207588&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20240102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=3339&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C632%2C72823%2C153851%2C23112%2C53633%2C84737%2C25688%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C758%2C5119%2C2251%2C859%2C1094%2C9513%2C3616%2C1067%2C1360%2C8594%2C2008%2C4552%2C1900%2C5046%2C3033%2C1987%2C5%2C4683%2C4473&muted=0&docid=OsCp2pYT2_A

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: 12738953.fls.doubleclick.net
URL: https://12738953.fls.doubleclick.net/activityi;dc_pre=CPubv5upyIMDFZHtOwIdHT0GTg;src=12738953;type=despo0;cat=despo0;ord=786226975;~oref=https%3A%2F%2Fpromos.betano.de%2F?

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:30:15	Name: X-AB Value: dc4e3509882e40c68a170453af779220
diariodonordeste.verdesmares.com.br/	1970-01-20 17:38:53	Name: __goc_session__ Value: lzterkxhndkggoxdbpdhakuosvwqvfeo
.verdesmares.com.br/	1970-01-20 19:38:24	Name: _gcl_au Value: 1.1.279987347.1704528962
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Elp0Si96gR8
.youtube.com/	1970-01-20 21:48:00	Name: VISITOR_INFO1_LIVE Value: UfE3tPy36RQ
.navdmp.com/	1970-01-21 02:14:45	Name: ac3 Value: 1
.verdesmares.com.br/	1970-01-20 17:30:15	Name: _gid Value: GA1.3.296939820.1704528962
.verdesmares.com.br/	1970-01-20 17:28:49	Name: _gat_UA-41498495-1 Value: 1
diariodonordeste.verdesmares.com.br/	1970-01-21 02:50:24	Name: _scor_uid Value: 88e6f3f5ac09439ea6afd7262a827a22
.doubleclick.net/	1970-01-21 02:50:24	Name: IDE Value: AHWqTUnXxlAYa3-hNtK-1mJsh2qjthbL5OP70F4KUOwjn5w42JX30GcIhfcy5i8B
.verdesmares.com.br/	1969-12-31 23:59:59	Name: ___nrbic Value: %7B%22previousVisit%22%3A1704528962%2C%22currentVisitStarted%22%3A1704528962%2C%22sessionId%22%3A%224ba1baf1-9a37-49c0-a1dd-ebfcef3fecf5%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//diariodonordeste.verdesmares.com.br/%22%2C%22referrer%22%3A%22%22%7D
.verdesmares.com.br/	1970-01-20 21:50:50	Name: ___nrbi Value: %7B%22firstVisit%22%3A1704528962%2C%22userId%22%3A%22d0158a97-3fc2-48ac-a3b7-5835a1340103%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1704528962%2C%22timesVisited%22%3A1%7D
.verdesmares.com.br/	1970-01-20 21:50:50	Name: compass_uid Value: d0158a97-3fc2-48ac-a3b7-5835a1340103
events.newsroom.bi/	1970-01-20 21:48:00	Name: 391_u Value: d0158a97-3fc2-48ac-a3b7-5835a1340103
events.newsroom.bi/	1969-12-31 23:59:59	Name: 391_s Value: 4ba1baf1-9a37-49c0-a1dd-ebfcef3fecf5
events.newsroom.bi/	1970-01-20 18:12:00	Name: 391_lv Value: null
events.newsroom.bi/	1970-01-20 18:12:00	Name: 391_ut Value: 0
.verdesmares.com.br/	1970-01-21 02:14:24	Name: nvg82438 Value: 13edff7565a874516ee84998a010\|0_7
.verdesmares.com.br/	1970-01-20 19:38:24	Name: _fbp Value: fb.2.1704528962441.1078757894
.yahoo.com/	1970-01-21 02:14:46	Name: A3 Value: d=AQABBEIMmWUCEGtQzdtuRLUzfTLSFtJ1iLkFEgEBAQFdmmWiZeANyiMA_eMAAA&S=AQAAAl15kWii628J7X18Ws1oI04
www.clarity.ms/	1970-01-21 02:14:24	Name: CLID Value: 199ecf5fc97141169415db3264c3d265.20240106.20250105
.verdesmares.com.br/	1970-01-21 02:14:24	Name: _clck Value: 5nlnlk%7C2%7Cfi6%7C0%7C1466
.mathtag.com/	1970-01-21 02:54:44	Name: uuid Value: 955c6599-0c42-4c00-9981-797155aa0da3
diariodonordeste.verdesmares.com.br/	1970-01-20 18:12:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
diariodonordeste.verdesmares.com.br/	1970-01-21 02:14:24	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D0b3d3427-6dae-4621-90f1-89b7534bcf99-tuctc9291c1
.verdesmares.com.br/	1970-01-21 03:04:48	Name: _ga_6Y13KJ1H5Q Value: GS1.1.1704528962.1.0.1704528962.0.0.0
.verdesmares.com.br/	1970-01-21 03:04:48	Name: _ga Value: GA1.1.715184042.1704528962
diariodonordeste.verdesmares.com.br/	1970-01-20 17:28:52	Name: nvggid Value: null
.verdesmares.com.br/	1970-01-20 17:30:15	Name: _clsk Value: ybw9dl%7C1704528963557%7C1%7C1%7Cq.clarity.ms%2Fcollect
diariodonordeste.verdesmares.com.br/	1970-01-20 18:12:00	Name: clever-last-tracker-49109 Value: 1
gml-grp.com/	1970-01-21 03:04:48	Name: CEK Value: a
.gml-grp.com/	1970-01-20 17:28:50	Name: __cf_bm Value: Zy4Zk1th1Q7fPq7OrerqAdD1xk7yocUJA6gdOB5qels-1704528963-1-AQMi2obKdPc52h6/rfMtukTvOvcrJlRaFbFWvPmJn97JQbojd5ymW6NZPyX0u/n6cJCS3+l7Ax1+oamYLJnnW5k=
.gml-grp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: byuwPJEPGNfaB3SSHbLUb22F_a8ZWBmPSxy8hI0qqI8-1704528963975-0-604800000
gml-grp.com/	1970-01-20 19:38:24	Name: XYZ Value: 120&0&148&&&&0&1&&4d5a7d62-b150-4662-8527-6f002edc86ad&&a_1152b_2931&
gml-grp.com/	1970-01-20 19:38:24	Name: A_2931 Value: a=2931&r=0&fv=0&lv=0&vc=0&fc=20240106&lc=20240106081604&cc=1
gml-grp.com/	1970-01-20 19:38:24	Name: PM_11 Value: id=0aca3712-0711-4c23-b4eb-bbac1fe5bae1&c=CAABXNMSLADAADE&s=1152&ad=2931&md=0&pm=11&d=20240106081604&ip=0&r=0&ref=https%3A%2F%2Flp.cleverwebserver.com%2F&RedirectParams=btag%3Da_1152b_2931c_CAABXNMSLADAADE%26utm_medium%3D431%26utm_source%3D2%26siteid%3D1152&cip=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjY=
.betano.de/	1970-01-20 18:12:00	Name: btag Value: a_1152b_2931c_CAABXNMSLADAADE
.betano.de/	1970-01-20 17:28:50	Name: __cf_bm Value: sRFKea9L7UGJeMA5385U6760XngLScEggsM6.X456U4-1704528964-1-ASqzZ/MYHw/+LO5jDW4A5J7crouI9p4IsqvAYVGBGOtGf8ZFS3xZdLTpidu116UivHaud9KmUlIFaVF4uXQ3NWQ=
.betano.de/	1969-12-31 23:59:59	Name: _cfuvid Value: ZFHMYx6Kpjs7i7dtNGfv2jdA54YmVvjs2pjjedRQ_GE-1704528964181-0-604800000
.verdesmares.com.br/	1970-01-21 02:50:24	Name: __gads Value: ID=092abc2e1c7b4be1:T=1704528962:RT=1704528962:S=ALNI_MZnu0Cn9O-lLuPs1LfdfNqHBbkKlg
.verdesmares.com.br/	1970-01-21 02:50:24	Name: __gpi Value: UID=00000d3a2025bf12:T=1704528962:RT=1704528962:S=ALNI_MYeeQT2ZlOJc8tQbWymXqXKj-fREQ
.verdesmares.com.br/	1970-01-21 03:04:48	Name: _ga_3DESQCJNQ5 Value: GS1.1.1704528961.1.0.1704528964.57.0.0
.doubleclick.net/	1970-01-20 17:28:52	Name: DSID Value: NO_DATA
.kaizengaming.com/	1970-01-20 17:28:50	Name: __cf_bm Value: BNHTBNRM78Q3J6rH7nujB_G60aEIJxGyrjrFNn__kMc-1704528964-1-AUB4bvQ0YHLiEgjWKqKaSSREeH8v7tg4zwwJaLSNToxudlBbcXHoI07pl9jiIDTfwT9IUrE7yA6TlTpdPOfRCIk=
.kaizengaming.com/	1969-12-31 23:59:59	Name: _cfuvid Value: oUznQKk.R384W1rcXoX5_l7Rj.1HILdAJTulKQWPcRQ-1704528964396-0-604800000
.betano.de/	1970-01-21 02:14:24	Name: cf_clearance Value: D.OUWWTI9H8pq4HCWnRze0KLyWEtOjdd3CvhOqeaqyM-1704528964-0-2-f16d0d37.73d6ee16.a66c52d7-0.2.1704528964
.mgid.com/	1970-01-20 17:28:50	Name: __cf_bm Value: hRdvkzsonFpq0VEi_8V6xsSdyCdYX3mubqWzL64XLVo-1704528964-1-Ad3Uag8cBGYvcUKoocK2ZVvX8q4a2GyV8/UiqfIkC3CkFl2iQnJNjg6byJXTm1h9ejZHdLfGILTkDZNwYZUBBgI=
.bing.com/	1970-01-21 02:50:24	Name: MUID Value: 1668188008C36AE808FF0B7E09116B25
.snapchat.com/	1970-01-21 02:50:24	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQKEsDPWeFcQXHz04wrO6Sp9iCnUeiFfJ+dT1N2c6Z5YptcYjRHyuZzQEyAAAA
.adform.net/	1970-01-20 18:13:27	Name: C Value: 1
.adform.net/	1970-01-20 18:55:12	Name: receive-cookie-deprecation Value: 1
.kaizengaming.com/	1970-01-21 02:14:24	Name: cf_clearance Value: _O52ZXPnpe94x7v7ogSvPkt7O1N8bhxT0degny4KjGg-1704528964-0-2-f16d0d37.73d6ee16.a66c52d7-0.2.1704528964
.adform.net/	1970-01-20 18:55:12	Name: uid Value: 5238049986051978947
.c.bing.com/	1970-01-20 17:38:53	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:50:24	Name: SRM_B Value: 1668188008C36AE808FF0B7E09116B25
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:50:24	Name: MUID Value: 1668188008C36AE808FF0B7E09116B25
.c.clarity.ms/	1970-01-20 17:38:53	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:28:49	Name: ANONCHK Value: 0
.goadopt.io/	1970-01-20 18:55:12	Name: VisitorId Value: caaa8fde-f3f4-49da-9db4-c4e303793633
.verdesmares.com.br/	1970-01-20 18:55:12	Name: AdoptVisitorId Value: MYQzA4DMBMFMFpIGZIBZ6oJzRPbAjdYVWJABiQHZMkA2JJIA
.navdmp.com/	1970-01-21 03:04:48	Name: nid Value: 13edff756526a8a055f6aee61210\|2\|36
.verdesmares.com.br/	1970-01-21 02:14:24	Name: nvg46575 Value: 13edff756583c91ad987565c4e10\|2_7
.sxp.smartclip.net/	1970-01-20 18:12:00	Name: uuid Value: 10a22f79-480c-9965-1b09-ed0f1ec14df7
.sxp.smartclip.net/	1970-01-20 18:12:00	Name: psyn Value: 19728.75
.adnxs.com/	1970-01-20 19:38:24	Name: uuid2 Value: 5146746622001865410
.adnxs.com/	1970-01-21 03:04:48	Name: XANDR_PANID Value: 9SYAL6miaTABdxCeiVBHxlXjvLAe1TgxJMWoTx5Hf8HoYiXmZXkMPm0_Skcmi3Spht7M9gwGhB5cceWK70LVP1lstfc_GmDpgNTpFw5qkMA.
.krxd.net/	1970-01-20 21:48:00	Name: _kuid_ Value: QBOX40HP
.demdex.net/	1970-01-20 21:48:00	Name: demdex Value: 80582435497752200693996765479654130297
.everesttech.net/	1970-01-21 02:14:24	Name: everest_g_v2 Value: g_surferid~ZZkMSAAMcpSnFwBU
.dpm.demdex.net/	1970-01-20 21:48:00	Name: dpm Value: 80582435497752200693996765479654130297
.smartadserver.com/	1970-01-21 02:15:51	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:15:51	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1970-01-21 02:59:03	Name: pid Value: 9000244689617039543

30 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
other	warning	URL: https://diariodonordeste.verdesmares.com.br/(Line 4451) Message: Unrecognized feature: 'web-share'.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: about:blank Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
javascript	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7' from origin 'https://diariodonordeste.verdesmares.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br&pubid=331fbd2e-ff5e-4e7c-9de6-7c2166bce7b7 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://cdn.taboola.com/libtrc/userx.20240104-7-RELEASE.es6.js(Line 2) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js(Line 9) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner1.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/bullet.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner2.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/Rectangle.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promos.betano.de/willkommenspaket/banner3.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://connect.facebook.net/signals/config/234568464078651?v=2.9.139&r=stable&domain=lp.cleverwebserver.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391(Line 1) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31) Message: The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security	error	URL: https://diariodonordeste.verdesmares.com.br/ Message: Refused to execute script from 'https://tags.bluekai.com/site/31435?id=85597320549&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12738953.fls.doubleclick.net
6545577c874dddcd4ced99dc6acf5bd2.safeframe.googlesyndication.com
a.mgid.com
a.teads.tv
ad.sxp.smartclip.net
adservice.google.com
am-trc-events.taboola.com
api-js.datadome.co
at.teads.tv
bat.bing.com
beacon.krxd.net
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2.taboola.com
call.cleverwebserver.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.navdmp.com
cdn.pn.vg
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
dd.betano.de
diariodonordeste.verdesmares.com.br
disclaimer-api.goadopt.io
dpm.demdex.net
events.newsroom.bi
experiences.mrf.io
fonts.googleapis.com
fonts.gstatic.com
gml-grp.com
googleads.g.doubleclick.net
gum.criteo.com
i.pravatar.cc
i.ytimg.com
id.navegg.com
images.taboola.com
jnn-pa.googleapis.com
landingpages.kaizengaming.com
lp.cleverwebserver.com
match.adsrvr.org
nr-events.taboola.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.mathtag.com
play.google.com
pm-widget.taboola.com
promos.betano.de
q.clarity.ms
region1.analytics.google.com
region1.google-analytics.com
s2.adform.net
sb.scorecardresearch.com
sc-static.net
scripts.cleverwebserver.com
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
sender.cleverwebserver.com
ssbsync.smartadserver.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync2.navdmp.com
tag.goadopt.io
tag.navdmp.com
tags.bluekai.com
tags.premiumads.com.br
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
usr.navdmp.com
visuals.kaizengaming.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
12738953.fls.doubleclick.net
c.amazon-adsystem.com
play.google.com
www.gstatic.com
www.youtube.com
104.75.89.75
108.138.1.25
13.32.99.23
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.226
143.204.207.250
151.101.193.44
151.101.2.49
151.101.65.44
162.19.96.32
170.82.174.15
18.165.183.39
18.192.108.144
184.30.20.207
185.89.210.212
2.23.197.190
20.231.53.73
2001:4860:4802:32::36
2001:4860:4802:34::178
216.58.206.38
23.35.229.56
2606:4700:10::6814:e180
2606:4700:1::6813:844c
2606:4700:20::681a:1ab
2606:4700:20::681a:1e8
2606:4700:20::681a:e79
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:3034::ac43:9a96
2606:4700:4400::6812:2a64
2606:4700:4400::ac40:934d
2606:4700:4400::ac40:9754
2606:4700::6810:5814
2606:4700::6810:df3
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2016
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a06:98c1:3120::3
3.33.220.150
3.75.62.37
34.240.241.48
34.250.183.118
35.186.194.101
35.190.43.134
37.157.2.249
37.157.5.132
52.222.236.114
54.170.105.58
68.219.88.97
81.17.55.171
81.17.55.173
004faa933546e8b32fa2563c5c180b980dde2d81247683d8d14d4ee66969f188
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
03d6f31f6ae34b7b0fbf7c43f6e29855b93337edf7daefe7ba846de4c7b971ec
044161f81ce1fac7a4fad00b81c1797ef53b6420dcb3ee5023d0ac7773e06984
04f02fab244f6c8296bff99cb139dfdff18db5028dd5ace4512b5bb912bc8840
050125150d4fde5f0db366518c41e3f2226be0957f3078037bdb6785f1165b54
05c7441247d8f700e8d12fa47d6b88f7e028ef9b28bc9549e713c854ba3add81
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09487307b29147d8a84d33e3a8bfff43d9da2260bfb39b8cf4ca75a32b239ff7
09a3e0af0b633adb17d10b1e76da6da24a474166ae0d23c14e70d61ee4d5a39d
09c8b1f439673489e968bc76b00615e12d475455edb1f100f029a4f0432911ea
0aa554b7453c36d605833a473df0e1825189dc64c064b472430bbc65078c9312
0b05225caa438d75d7bc06834688617e47252e74674a6925cec166ec10a86d9b
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e2407c604b7d77289bd9c43e9bbcc41f39378761bc7450b7b151e681729aa94
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1172af7570acdb509d41b715ff6f8d2c0e06a3af29b54e76ae681571161e4d5e
13f016fc35d3cf152e8f989d05935bb90c6d1073c83611f04e908eef09229064
1546d1c528bca357bc27a1bbc55f93af4ac4f4c38ebbc6633e3d49d00c8aac27
1674c641b55359d221317d2a0a580c317148ed50753954cb477734f615157e74
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
174311aeecbe9b3ac728199fefbf349859785250c49c45951b6f3b180668c4ce
180bc0fd96460f6ba482df5d6e323af292a60993e19cc7aa183b5ab74574f2bf
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
199380fd1a8d8cdf246e72f2df0137277b6a7dbcdf63219ebae6606d8e182e09
1b3f188627e15b360d1350f38b9fc396fc21fde8a6286bc43133a5b2a26638eb
1b89e19aca89f180ba1e62c62495c5e4156f96cfa866b19cf0df0192452f477f
1cfca5f26c17a4b7be4d3b51e041523ef3e6ff6156bbea73c05acafbea83e95d
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1fa506cbf6bc4d331c1041a54489d78e9c9e3e79b17364444e86ac3455760775
2019d77fa19a331f0e33fb1e0f96103832fdaf49481ef54920e83b59ab68f1e2
21b1fdeba9c263ef576c174286f2d861a4ef9b8b5cb98f34cb568905fb899d86
2227f27555cfdda5ca407e3706a473660e40a64d3e026a961f24197066e55aa2
270014f86c9f5d70a4c39e74f1e16c3209ff44dc0737ae0aea02762bbc182be4
27cd9b0ab0ebb834262f420351769a6b90e9fed174f0ada73245c03cf22b7aeb
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a5e290f330a473df29695496b8d33d379cb2b17686b63f9356bb23e07f7bd86
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d6a8ad45eda12bcd8172fa4afcc406e7aef22de7f74ca01f0c6a70fabd8fe82
2db20c3c3c0373d7adc848738eff9bd98b7bbf0974f5a1ad18f2ad08d5de7220
2dde0b31d408bd1b0551394d5cd58426cd483af5df5b3ee34cd5948cda536ae9
2e260c30045f1b05617f23476acdda8b93536de9e6446b757d7334250297c489
2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea
2f9dfe3bc1c7da5c87b21ccc2e81cce4e37e1cca9f085d70d8682747219e18bd
3072f755bf99acdaa34415da49f58e8e83ae33d63231854a6d290dd09d5c2500
307a3313b3774df5f1cb9210a260a25c58397dcbe220e67e19dd8d6ca3ead6e7
3122a2ad14078e833656ac1de950aa8a449c3705d95a21d7be14e88404baa0b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316d109b2e29015436e85e9b265d4259d42d0abf661d3268db746f4a8493a5b8
31d72fec0d094979f31ebcd9aac51ec649fff1a4e1e13f99a595eb12ad665555
322324fa010151740be0838f03098bfd56110282a027889ef8a8edd6541de27e
323969430e3f1e853bbc008cad4898ce6022f5367058d3c9d7c9f0a8ba7f405a
3319df8b9c28451700b6dc398868f64e5554b3cb164d188bf6f0cac6b6e39793
33b9412580991bedd119a35b9cdeade7f98aa46f1e30cc8cf3c107b60c44aed9
3470ec5a8c42a5266093ffc43138e26da1e0c7990e6316f76e9a18a650ef3d7c
35eb8dfaab4bf3bac258cec08918ec16f4b23e8d47b5bbaa41fbd28f4660b1de
36480d8320f3027e1959409b9618093a71366fafdbd8481f2fa570f30e8680a2
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3b34383246d1feb438171b37cc5e2dce02114953d3a9749952980c10566321ab
3b86bf552550270f53580eb9412958d8d3a18625b12bd5fca8fb3c95bbcf15f2
3b910b05404830b824ac63660b831e5f19a648fdd44d898dc30c3f7c3b8cebc7
3d2162445b314f8b5187e9aab513f7f65b8a6f1ae2c911ad812a66b66e9d8975
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33
3f7c2d68eca71c2a9797c36fd965569ae502682df8e24ddf6fa8c21f6acc3f74
4038a2a1b34c21f1acd08f84cb08d341feafc9be8ea2c4596885c1255f3f2bbe
40eb4494f963b2f531935eb893e7c70b1bd4d8883ca07fde4edb042c4af11387
410ad554317ffeddb3df5c2a550c2b315881de9b01aa8f77f5d8081fef722cbf
418bf2148df3ca2470fc7c285de7f0dc54877530d4ed69843d8e37feb93df985
41b4f3c1adc28a7630fdffd0fc14f9549a88989802f39105316de71aff81b2e4
41f23834d77768418c29a6e4578dc5fe673e053d0341e8d1ad2074f764bd208d
4228a95f9d422888250bb0c0805b910108a2f8b7bf16ca46b614ac8e3048dea5
42586418372ab46eed4fd53154766fb5ebade0afea824d47f882eae085a2ee7d
437c424ae2c33178b013590e4fc99f8584edc9893d9276067ef9f9c774d68f9f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46336d17bc0deae32fd48d3697163d7845b46f846ef4b247fd01358d7f349a20
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474ab0bc28e77fb52b560cae9c6578f57f6de98e1fd5c75565fea0664a1f7b06
47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459
47e965a46ae6785a0a3412ca35b96a6caf9da9e787d56b78b9fdbb1f129bc48f
494ef673cae9df9d1c8e677e6c24c99241f709a9ef150373687ad20d18500881
495ad399c1caa9c72a5b1fad6051aaa739d0df20f5623afe10bb3dc4c6c2ff3d
4a4e0537b2ee2c41074f40d513b4e7f604664a7b416ec6aa5918cb951a510a34
4b14796bcc6e5018785ee17ce96f35ff83fc2de83014a3cf2b58c1959e9ceb03
4be6e57f964287d22addfd30806f4fc69fc1560fdb5f9c649beb85d1f72075db
4c337470bc1e9446492c2dbb7a54343960f4ae88e51115502008f4c7f05a1f00
4c9314b73430fd751f94a5091a3e108f0a455d74279bf56a08dca769c746b2bd
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e1aeaf09ef1b611cdf60a20c17b08f6490c6c1d5aca5da6b6fd4f75a533fab6
4e2d1f586c76a89dbc20290f84eba625d8c271e2e516479630ecdc019c9f70f4
4f3a18c01abb2d09ff95420fe629d9d6962376b864a43be5321315cf5674357f
4fbb415ea8b4660ac89a8992303f64daddc2ccc2337b91f2cc8ee8c2c08df747
515132f19d1446bd5902d4654f2cf236fed020ad67553ead26982588351949d4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51a3bdfb4d0c7de637f694676ccf95ee47e81fe5c4907d93fdb4405bb1930919
51da5b73ff056af5a7b6661a72877729acae13288868cf5689e7933f283d8f22
5276824bcd884e7f39035f625c3748a07c3c10748054717a4b202e5071eec07d
52794d4496577500b1d2a45ad73fe7eaee33be207456558e177b226e942ae317
52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5471308ad1a101670136d6ac7024729d228d6b9d965329b9c2b5657068ba4011
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f1771460ce21136cc8f9fb9c00c1d43b755edd5197e1f55f2b0e9780c1e3c5
5738f98721e6cfe08bdfe7f1076333ccf282e60bbf6638dae87deccfe5e1bd63
591a6f2249175b59c7898d013012dafab250364e89e9846da7b70a1279c1244f
5a6c12c83fffe29c044e850a40049dac7929d3e1a63531d4f8577532844ac6c3
5a82ecc21c6a4028efec42895f0720260452979e0f5dff2fa24f2b7ec982d3d1
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be4a626530d70eda6e7fa334a6e3d8711f348ed7959d709ba524040967950ed
5c088c360f079039bda4967beba79b1caaf126da534ac7f7e2b6baf34acdf263
5c447157fa660c55a320f8c1735eacb754c4697c5ff98dd4140da21ffb9b1ba4
5c694b35a7330040aa87ab8631c4cd208848c931022413ae1cd36211d3be18d1
5d75e6b6bc5bbfa6fa2afd985daae315db41763f30c3981aae7958a3437e1988
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c355fcbe0d9a8c86e4e05da4bd3fd1d24947ae69ca3f19793654949bd84dde
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62abee42f8de35bf84f870156e78a63ef9ac008a94e48924de6101eb335c1856
62caffb569b2f4b4bf9f4c317c6dfc6ed155304a9bce20f0d12613053f1cc3c1
65505f215e9d6c8317be522c00e041b7da5b7a22e8fb8a8d7485a76b691b16f5
674fa3622bd3708539a20b20cdbaa19ad64a1f24cf1fbc2c974fa1f96a9a6bb1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
682eea5c87bf67e804007deb37d6cc3e5eb7086374828b2af3edd3f3dda92da3
68a0f6c6022203c46e4dfded06a6bc3ca64b895839d39062351649dd97a2ad8e
68d5359f369dbe89ab3504391fccf4e3dc534abebe4431d8e105833d2ad36165
6914bba20ecb857f03498d896f3429d786f29d8839f28275c5f0eaefb1fa31ba
69c5f856d15a613a74c211ca54dbaffe3ecd6b56fde61a0a73a81b7d9be49974
6a4aaeb80b8cab44b94d532c946cbaed2a25c8dead8dd54161340d3cc56bc308
6b16426ca00785ca2b259d4305d99b2e6e89a17cc9fa6af3aaa72ec7b16d587f
6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d
6ee44f8ba15e607e839769cecf095bbad4b1984b8ed10bc5d00ff1c2044011e0
71cfca93fe4fc24092daa815de2b6d171e53d10418844a9cb61ae9c22d025096
71f82d8de2cbd83902d319f2d4f3b35ac739742a884b1aa5e3ce48fbeb54abbe
728165191b625a29fc0c1469f93cf17eb62f3595f379c977890974543f7d814d
73711581a64e5153e1d6dc83d5ab9c59190279073cc32274ea9f85d1dbeaf943
7392d426ac3da3071ebe16fa2ba3003e438842f8368aa9611b7fdcc48239024e
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
76308542c656df00ba56ff7626a63a3161e8c42877ad873fa50844d25f77db50
779a231769d09869c9ff4c8127c40f64189de7b1dd3b0fa70130b3f02dc6c37a
7824eb42d6c442d4ab27c624e009fa731b268639c6571d2c8bf36b8e76a1e216
78882a11de1f82194b521c7a3729eec430b5e5487a978fd8b1059b7adfe8231a
7924ab66537a4c0252d28e30fa2d90409f64e77466ae3693d2c9673f7bf6cc1d
7987ed9a45cb8609048c1f88719a037c46d30d4b7101473326d12e5767a2aa7d
7a85e9e21d0b556bf5358ac053cdc503875322e2c23c28e51247889e77529a06
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7deda1c39954d6f7cfd176868e6558aaaa6f941d0a118be674d30c04fb443ae9
7e193e694bd5cb3b61e7c7a0a51f37e2422326b5363ee1081cd4904893f7ceee
7e8af219d39c1874b3743a3f2ff3670b764b3733db2391be86f284575562a1e9
7f602f9a56289339e05c21b93cca562e0314d1eb293a8304ae5ce18803470992
80a95fa030fd1df8c270f9c36ffa2c8e0f359ac337e57184d2923c5926d9ce2d
837ee9aaba71278b67b61dcd736521ed2e3f1595b607f62b6c3c709ba261d35f
83b71ec4344fb3116e6ed880f9d1ba1bb3520f6e6445adce7fda816a68e75ffc
841fb12bda2901d5ff4479a2ad11317c213838cfc2afc21236c12301ace03625
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
85d47174e25b459f63b552a828429a8fdfc0c0f92c9506098ca5e3685b9d7ed0
86565c8aed1f7bbc5c896bfa99b332bd5b57e2e797ed54e2099de7931a0857d1
86d7042ac9fa4c20b28568cfd9a87e6d428c6f2aa21a0346c8ab51b887f23b1e
882e474b6c38b47acb0ec38ce9e095a84624ea2b8a1d1a122c2d17d3d26c47b3
8838e15b6fadfbd8d941d27396f275db6960d978da0c41a70ee746e0182332a5
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8bb753343c3b0af0b9dfa273b033712833caedfa19b95e0d4b64b8cb14d7eeec
8d69787cb939711d66eddfb1ce5f10db7f67feff5ea4e300e919580f94dcc4a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df4928a6d83ecb898c23be4498546932ca8866f2f6d5d4507d708d996432427
8f1f59c95dfcf2fd246bde25acbaf26931d91f51c3294440b449daef507f690b
8f428971557af529ec0843e025e70f8e642859b4fed2f2cf0134f16f97bf6910
8f88d265d4f543754bfda9de4c9549fc41754bfbe3d9e2fb58011aa9d5f8a929
8fd70d02d7616b90b93fbcf03f7df1c82e387831b164f744c179721924bc5335
913e8863b4a9fdd1dc408e358b7fa24cf3ce14d5b08eb9f0f91728a08440f0de
9211112d22ac897d5f930ce7465819ec0ca8df5ed1f20d81ea549cbf55e9eb21
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
944bd35271d7242c6a221a4ed3820216677357b9f9189a329de05fb0462df330
947d9d271c25156cff95a51c2599e443394e75a0dacb8c9ef1d679661dcd5eac
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
957b54331affe2dc8fdc71f7638304da5e4152973d21c7c35d9f59d1252cd8f0
964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264
973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc
987c8ef99ecc722fe3927bac67f2eae84ddd47944191fd354de09dc73a677c71
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a05fe1eb798dc87fa29108b3ed49352b3f891fec5732c0320f7d7c5cfeedd97
9a4e39d50f327270714dcd7f18f54b57a03fc26189befc99da628449c5355017
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47
9ae6bacc33833f659a37e0f9a605a369d06a7dd9a40bb895405171e02bc150d9
9c4474c8a08e668d7fdb8ecbfeda8bbd14f9a70424c2d4c2fdcb7f8a23538f7f
9cd1efd147d00fc5bce9fd0cee40ed69acff80b89889375878a0570da83c986e
9d1d32f6fd1ed2900029c8afdf804a635950357b2c472d542333a1f6e4aa123e
9f312aead73c7059dc22bbff1a38210eaacd5e2d7beaaec586a32575c54bc35a
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a029e2549551bef98a5aa0b21c4bab1be59767ee01456219b4fc4ad5106552ab
a04cd7a62992df85368e1b445cdd555b394779dd4242e14877cfba103d0bcff0
a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18
a1305f35e96334c2735a13c26771db6e89d5ba273af5d4ebdbfbf517d52b6a33
a24f4f105f56838f9beb801ad17aba77b0a225f6e207515d5be5f4bf500fbee4
a3ba5c932fea0dd2015bf65c241445b86fe14a0d6ba863f65f6f5585afbe1733
a3eee885775f74730ef43503e2a686731d4ef88baf70a6894a313789b81417b7
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a493de25e0c3a0d6e8cff6840a97dc93226c9d704102d957b1d4ddee13313aa7
a5d732b00bb4cd8b2099c786abeed20fe58f925be42120693f4c0c24c094b508
a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279
a7324a3912412c94ac74cd9b3a3a9902c5953c8298beb942e6425ca3b881d52e
a87380192a041bbfab8d61325cb01a89d926fad05b7c26bcd25e79f9d983cd41
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2cdebb52c711e64ee4f3b826fb1ef67d65fa1a51152bf3bdb7675acb96f04b
aab3b7005f69e9d7c10a94d7f3657277d5c9dae9cfc6bde05617b003a56fa125
aafda1ab2eb5f07a0b3b47fabf74b8f3b889ad07cfbcf82e626dc5f5aed23624
abbd6d5f068aae28bebddc2ff1ac767a61094c668f3472fb4a82104889b00938
abc9055dec46bd0fe46b5534dee9d9a6411491662f1403df81e6e238389b0b8b
ac7bb492fca6a4c1c72dacfff28d869d9a125529a085d29da9ff803b994688b5
ad1174bc478c9b4cb09057c396593697ffb86269deae828756c09f96835d7487
adb50f96bb5a48e2ef0fb797794458292ac375857dbb50238b51e354dd3c1760
ae48bd9ebc12cc04ab966589cbae4d4b8297f5a8e809480653aabe7decca22f7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6634af0785dfa1f6342dc216e635ffe9dbd92feb81d0a1783fecd3b37e67ad
af6d94040de81bc27c76495dc92561955e86639b6ed7923c1ea4b08b9f235892
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03448143098de5b03500bf34c10210735d29421ef85ddd0d06213eea451fd49
b053bdbcb7f497d520c922dee59436cee21b900fb33a5b1392b24e5fae21b49c
b0d0b7e5101a1b8a54268b9188da520d19d74df9b35714a8ddb5987fad990591
b1bcda979c82fbdb001a058bbcd782235588ba0cf67ec17cb6b406c354049697
b222717d8498c895539da6ef8972866b03bcdd1b78f31e2028b31616fa1d3b5b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b34bae971348ff69541a08b66598c078cf3cd023e8b45762654ea24cffd7445c
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619
b65aa9d90fcec9cf44a72ddccfa72e53a10784427249050194b4c5bad3dddc03
b7128e23958b3fda5c3c906893ed845791c82b203b643817c854c86f211efbb1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7f6e2585f4bb89f9d5c4bf0bfdf2d8637fd97a0818ca76fe281eb7229e8fbf6
b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e
b99c4abee0d173f31b7eb99958efccb2a9f97792fbccaaf6a2684dc3ce59c0ae
b9fd0e8576ea84ddc87bdb42eaeba3b53e1fc468bc6e3be6eaf07561846010db
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bde4a2a274471e86a801fae3031412222af0fc76d3f2f54149cd0561088ebb8b
bf06e66d0b6d12c39860b7a3f1a724397a8bc0267423b64c6627ef0f52a7b27d
c12b04b2276fa80a6649200e12ec4e78f3fb11bf0e21d2d2c6a215cdde0b3dcf
c29b70533eedd12590ae5c9cf58d6e95063f4f23ef666343e5ba6bf602b62e75
c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c4fd5da88e6a307d3c80675b203e95f9d92bd3d1772f4a341acc6d57605f7e82
c52aa6e62e0a6d916f3e2e9204370a95d04df4f9f5b56441b26e27210b7d7ae6
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c69c7bb218bf8af15e2ae415862db1bd0d445c959be698fb58320d97dd1a5b5a
c71752822cfbdf7713731e936ebe7f93fe99c5984e0ddd3c6a8e185c17ff5048
c7add74cb2fd22974fbf7676913f045af43dc852adff61022172deb587b3e539
c87ff6d9f193e16f8aad7a327ad0bd4d80c82d87f8f31113a453986c9e4a7f53
c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1
ca53f71166b7b496394a852d6266cfd9c7e8800b3890e7074ad8e6f219958208
cad9bc6527b72257d887e2f6cb68247261691695c0b8f1f03157f9a693c2ffa3
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc39dce33b537a2de2ec395aac9062ac88ced3a39a13d038b9410b80bd7990db
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce0512a663731e2c442f141e7d6ac70f8aceae8eddafbe2111efbc175ece54fb
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6d2dfc4d43fa5bce8bd7597a4380ad828bf27903e32c5f7e1f43e43559569a
d0a0436aa0d474bb9cfaa49ab617b635f6ccf57e6815d3ad350bfd427268af0f
d1003881ad0defce4d7bd1955eed2bd8acedde9f766c08473d49157082ac3994
d2230c7695f96fbffa2a8e1711c582e3dcb6e136bac033dc98704b82164302b7
d30e51042a424e480e0bda151a436d5a50f2e08d939fdb4a0e8553269de1d74a
d48838c5cb12eedc7ddecf68684fdf8a6692818d80bbfb86437d7f4e2d0ad1c6
d5ff38a1a47c5041ece416c0afe61562ac2b914f02e5df0ecd4e51d11b0ddcee
d6dd422c02b56568cfe8b681583564c82e9d66802172dd23b52223fe543f70f0
d7112241fbbe5028b06cc6859ebf86d94cdc779b9d1b4eae9ac87aada6b075b4
d7438e1988be31810a7af4da24dc0a635ec150ec617c21a29bc29c052395f3b0
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d776482d5387dd66a3354637a3ddf5261dc6f35298b1e67d3f25ddefd5154d66
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88ed7f285ad93601c7c1a42a3089295e46a73ad65affe1f34f000924621376b
d8a0d356d644b4013aa75e86393844a21bdfaf2a4bd5e99c2ab05c0fe74e3101
d902496edd78890a7f6220c67568768e462dd2c0865d8adbc70506e07f68a3d2
d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6
dad7cc652286fe3fcd072159ff6fdc30a62ba200d329d99cc1674f5183406584
db12dca722591dcf03aec653276d07d75a3f01e6e113963a301847eec5e0666a
db66baeede40115b8e53c9b5bdbd4403e4fd749493ea0074d86234e15c082ad9
db92cec9cc96bb3412ebac3977db98309917f92e36ba3fcf65588b371e25831b
dbc594233ff684799bd8a1df3ddcacc458b20cb4e5ed6485e830280ec7569a83
dc9005440b3e7c7663e35ea9a5654e1895509c8e9b0712f3902881aebf706c89
de0ac645206f74dd9197dad7e0d7c30eb5b59a7183108b197b22c3277a1d5d26
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dffa82fae402fa358344642ea93e4401ff99760fa93eaa676ae31fb6b703e2f3
e03aca5c157d660d4cce27afff440611c207dea410e8501f2f6a7ad36f891241
e0cf50d044cad2c23d11f7fa39888aedfccfa55f337df706b54b2cca7cb736e8
e244ed2d3d2e650e8a423eec17d1792502c9b95fbc956c19a8fb8a8b93a9e4a3
e3266fa4ea51a7c0a7688f790e22a224b08de0fab8d273b5abb34bec1fea915a
e38036666bfe4a75be27a357445e727ef03e67e2e633442b095279e4dcbfb57e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4afefd035ecb62737c44709bb0ebee6cb021b5f9173c7bef7325dff54e3cfd2
e5b8d43afdab0ae0abc8a5d1baa45590ead685e1437c760848e677c2c7ae6880
e5bdb0f95a5fc715945054849bad72aabd1c2b07a1f3f91cabbe94a7bb34592f
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8723212fbb226459e31e2097a6a538470ac81deed2a03ff5901e8373fe3a14f
e9a9922d324a7b568b7229256b6a5ef0b474a72e5f7ed32f3663a915ba3bbab7
e9df9b7d4abebd1440d6025e48ff478ff7290dd4196936de3673ac95c9934294
ea92e1dfe7b0bad34df752ab0a7d7c65896679b908e3b95e81fc88a52bd49fa8
eb78163521beea3e3fb6de4db8a372aa54ca8802059320c05c851439b9a22058
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ec9050b28fe42939ab4eac1e2fde40f4c2547eafbd2e90669471a5cbb2feb18e
ed13c4e75b93119acf64bd85bd8d95c456de931ae3b6314ae6cef324e386d186
ed48c2c26ab144483ce6e6cfd207070eaa30dcd7cfe36c14b29d89b343e9df05
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f078b903c84ead330ddad04b86609c00ef3d97807f694d5b8a05e8b925a3c3ee
f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5
f198cc70c0dbefa53f75b5b8af85af5a92c12c00e727b24399a58d0f671c7426
f2a2e8f514007dccaa32d4799f7e436a719695192d393fc2fc8dc3f9f7b4182f
f32b140b03828c62df3172e04064f5224d1903f6b45ef970e71e87d345b485c7
f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c
f494f275bce4fd4dee8ab566084a9c551759aeea03d29469be6fc5747183d4bb
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f503828aae308bbda421228d89fff3f9f7f4580f27faaf02c774ce73f9e066f3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35
f5e7a155078e632cfbebf8f8aaee8ea5edd6fb350cdbcd61c227736fe374cdaf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885
f926d2eaa1938821474fb891a5c5620ff7b1608c91fa248ba1b0a3488891ea1b
fa122b4c4091bbec3f072a7f918d4867b258fcd9dc45429205e08c760ac8a7c2
fa2fe840687db705e1e27dfa93fa8c233e3a460045892a6a094402b59b085330
fab2f44ed2c54018f566702de911e32e0d0502e41768f5b16227576589f42e68
fabdfc96498ef947e3b5cd8084d0cc9280886a8b549a047fc576342407f34850
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb6ca11122edd60bca8ef69663d73d5d5999919b0f69566c307daa663d315425
fbbf479d0654ab21cdf6c236527d72ecb1b181f500d291463cbf625b3fdacc39
fc0081d5d01c24bef68e2329cfc63cd65ba2516dceb940baeff08b09430e1e62
fd3d318d6fad54a4131b5c1008853f1a01dd13aeb6ec114d11fbefad59f266ef
fda4c0c8d886d3dc37996a43e3733d5f8433d49283716ea9e7a7316cda7794ba
fe194ee11d11bf375746aa8ea0ac85392fecda94bbde316ba41df049103b2a59
fea86661c5d80146c78c8e112e81c6ebcd3ac8c3f4d81c6fd3419532343c21a0
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

diariodonordeste.verdesmares.com.br Open in urlscan Pro 170.82.174.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

511 Requests

93 %HTTPS

55 %IPv6

54 Domains

97 Subdomains

67 IPs

8 Countries

13898 kBTransfer

36198 kBSize

74 Cookies

23 Outgoing links

Page URL History

Redirected requests

511 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

diariodonordeste.verdesmares.com.br Open in urlscan Pro
170.82.174.15 Public Scan

Screenshot
Live screenshot

Full Image

511
Requests

93 %
HTTPS

55 %
IPv6

54
Domains

97
Subdomains

67
IPs

8
Countries

13898 kB
Transfer

36198 kB
Size

74
Cookies

511 HTTP transactions
16 data transactions