Submitted URL: https://t.co/vavbHZiQMK
Effective URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-h...
Submission: On December 13 via api from US — Scanned from DE

Summary

This website contacted 57 IPs in 7 countries across 40 domains to perform 249 HTTP transactions. The main IP is 2804:49c:319:430::339, located in Brazil and belongs to Universo Online S.A., BR. The main domain is www1.folha.uol.com.br.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 12th 2021. Valid for: a year.
This is the only time www1.folha.uol.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
2 2804:49c:319:... 15201 (Universo ...)
1 2600:9000:205... 16509 (AMAZON-02)
23 200.147.36.53 7162 (Universo ...)
7 2a02:6ea0:c40... 60068 (CDN77 ^_^)
2 2804:49c:3101... 15201 (Universo ...)
1 2a04:4e42:200... 54113 (FASTLY)
8 2804:49c:3101... 15201 (Universo ...)
1 1 2.16.186.26 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
30 151.101.1.44 54113 (FASTLY)
2 151.101.193.181 54113 (FASTLY)
2 12 13.35.253.75 16509 (AMAZON-02)
3 200.147.118.15 7162 (Universo ...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:214... 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.101.27.105 20940 (AKAMAI-ASN1)
1 2600:9000:206... 16509 (AMAZON-02)
15 142.250.185.66 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2804:49c:3403... 7162 (Universo ...)
5 141.226.228.48 200478 (TABOOLA-AS)
5 2804:49c:3102... 15201 (Universo ...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 34.102.185.99 15169 (GOOGLE)
2 95.101.27.8 20940 (AKAMAI-ASN1)
7 185.33.220.244 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
6 2602:803:c003... 26667 (RUBICONPR...)
6 35.157.246.167 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 52.223.40.198 16509 (AMAZON-02)
4 4 185.94.180.125 35220 (SPOTX-AMS)
2 200.187.199.64 7162 (Universo ...)
2 34.199.233.122 14618 (AMAZON-AES)
4 54.94.49.180 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a0b:4d07:101::1 44239 (PROINITY ...)
5 213.136.34.196 8473 (BAHNHOF w...)
249 57
Apex Domain
Subdomains
Transfer
37 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
am-trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
c3.taboola.com
sync-t1.taboola.com
pips.taboola.com
cds.taboola.com
565 KB
34 uol.com.br
www1.folha.uol.com.br
static.folha.uol.com.br
f.i.uol.com.br
paywall.folha.uol.com.br
stats1.folha.uol.com.br
comentarios1.folha.uol.com.br
tm.uol.com.br
estudio.folha.uol.com.br
766 KB
21 google.com
news.google.com
play.google.com
adservice.google.com
www.google.com
69 KB
18 adtooxcirrus.com
displaycompiler.adtooxcirrus.com
global-assets.adtooxcirrus.com
305 KB
16 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
199 KB
12 scorecardresearch.com
sb.scorecardresearch.com
9 KB
10 googlesyndication.com
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
61 KB
8 jsuol.com.br
jsuol.com.br
tm.jsuol.com.br
me.jsuol.com.br
216 KB
7 adnxs.com
ib.adnxs.com
6 KB
7 readspeaker.com
f1-na.readspeaker.com
68 KB
6 yahoo.com
c2shb.ssp.yahoo.com
780 B
6 rubiconproject.com
fastlane.rubiconproject.com
7 KB
5 adtooxcloud.com
se-de-fr-ect.adtooxcloud.com
2 KB
5 google.de
adservice.google.de
www.google.de
2 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
128 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 uol.com
stc.uol.com
93 KB
3 googletagservices.com
www.googletagservices.com
110 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 dynad.net
t.dynad.net
s.dynad.net
40 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
3 googleapis.com
gadasource.storage.googleapis.com
imasdk.googleapis.com
342 KB
3 folha.com.br
social.folha.com.br
963 B
2 compassbr.com
www.compassbr.com
2 adsrvr.org
match.adsrvr.org
529 B
2 tremorhub.com
taboola-supply-partners.tremorhub.com
365 B
2 tiktokcdn.com
s16.tiktokcdn.com
7 KB
2 goadopt.io
tag.goadopt.io
disclaimer-api.goadopt.io
3 KB
2 facebook.net
connect.facebook.net
82 KB
2 perfectmarket.com
widget.perfectmarket.com
33 KB
2 ibytedtos.com
sf16-scmcdn-sg.ibytedtos.com
sf-hs-sg.ibytedtos.com
17 KB
2 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
10 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 tailtarget.com
tt-12340-4.seg.t.tailtarget.com
500 B
1 facebook.com
www.facebook.com
1 imguol.com
imguol.com
3 KB
1 tiktok.com
www.tiktok.com
1019 B
1 t.co
t.co
740 B
0 advertising.com Failed
adserver-us.adtech.advertising.com Failed
0 ivcbrasil.org.br Failed
ivccf.ivcbrasil.org.br Failed
249 40
Domain Requested by
18 static.folha.uol.com.br www1.folha.uol.com.br
static.folha.uol.com.br
estudio.folha.uol.com.br
14 global-assets.adtooxcirrus.com displaycompiler.adtooxcirrus.com
www1.folha.uol.com.br
t.co
14 securepubads.g.doubleclick.net tm.jsuol.com.br
securepubads.g.doubleclick.net
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
www.googletagservices.com
12 sb.scorecardresearch.com 2 redirects cdn.taboola.com
www1.folha.uol.com.br
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
11 cdn.taboola.com www1.folha.uol.com.br
cdn.taboola.com
8 news.google.com www1.folha.uol.com.br
news.google.com
t.co
www.gstatic.com
8 f.i.uol.com.br www1.folha.uol.com.br
static.folha.uol.com.br
7 play.google.com www.gstatic.com
7 ib.adnxs.com tm.jsuol.com.br
7 f1-na.readspeaker.com www1.folha.uol.com.br
f1-na.readspeaker.com
6 c2shb.ssp.yahoo.com tm.jsuol.com.br
6 fastlane.rubiconproject.com tm.jsuol.com.br
6 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
6 images.taboola.com www1.folha.uol.com.br
6 tm.jsuol.com.br www1.folha.uol.com.br
tm.jsuol.com.br
tm.uol.com.br
5 se-de-fr-ect.adtooxcloud.com efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
www1.folha.uol.com.br
5 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 displaycompiler.adtooxcirrus.com efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
displaycompiler.adtooxcirrus.com
4 sync.search.spotxchange.com 4 redirects
4 tpc.googlesyndication.com efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
4 efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 stc.uol.com jsuol.com.br
www1.folha.uol.com.br
4 www.gstatic.com news.google.com
www.gstatic.com
3 www.googletagservices.com efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
3 www.google-analytics.com me.jsuol.com.br
www.google-analytics.com
www1.folha.uol.com.br
3 social.folha.com.br static.folha.uol.com.br
3 paywall.folha.uol.com.br static.folha.uol.com.br
www1.folha.uol.com.br
2 pagead2.googlesyndication.com srcdoc
www.googletagservices.com
2 imasdk.googleapis.com s.dynad.net
imasdk.googleapis.com
2 www.compassbr.com efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
2 s.dynad.net t.dynad.net
2 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
2 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
2 taboola-supply-partners.tremorhub.com am-match.taboola.com
imprammp.taboola.com
2 imprammp.taboola.com t.co
vidstat.taboola.com
2 s16.tiktokcdn.com www.tiktok.com
2 15.taboola.com cdn.taboola.com
2 connect.facebook.net static.folha.uol.com.br
connect.facebook.net
2 platform.twitter.com static.folha.uol.com.br
platform.twitter.com
2 trc.taboola.com cdn.taboola.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.google.de www1.folha.uol.com.br
1 www.google.com www1.folha.uol.com.br
1 estudio.folha.uol.com.br efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
1 c3.taboola.com www1.folha.uol.com.br
1 am-vid-events.taboola.com www1.folha.uol.com.br
1 am-match.taboola.com vidstat.taboola.com
1 stats.g.doubleclick.net www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 disclaimer-api.goadopt.io tag.goadopt.io
1 tt-12340-4.seg.t.tailtarget.com tm.jsuol.com.br
1 www.facebook.com connect.facebook.net
1 imguol.com www1.folha.uol.com.br
1 am-trc-events.taboola.com www1.folha.uol.com.br
1 t.dynad.net t.co
1 me.jsuol.com.br tm.jsuol.com.br
1 tag.goadopt.io t.co
1 tm.uol.com.br tm.jsuol.com.br
1 sf-hs-sg.ibytedtos.com www.tiktok.com
1 fonts.gstatic.com news.google.com
1 comentarios1.folha.uol.com.br static.folha.uol.com.br
1 stats1.folha.uol.com.br www1.folha.uol.com.br
1 gadasource.storage.googleapis.com www1.folha.uol.com.br
1 sf16-scmcdn-sg.ibytedtos.com www1.folha.uol.com.br
1 www.tiktok.com 1 redirects
1 mab.chartbeat.com static.chartbeat.com
1 jsuol.com.br www1.folha.uol.com.br
1 static.chartbeat.com www1.folha.uol.com.br
1 www1.folha.uol.com.br t.co
1 t.co
0 adserver-us.adtech.advertising.com Failed tm.jsuol.com.br
0 ivccf.ivcbrasil.org.br Failed www1.folha.uol.com.br
249 77
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.folha.uol.com.br
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-02-12 -
2022-02-12
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
1932607008.rsc.cdn77.org
R3
2021-11-04 -
2022-02-02
3 months crt.sh
*.jsuol.com.br
RapidSSL RSA CA 2018
2020-06-05 -
2022-08-04
2 years crt.sh
f.i.uol.com.br
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-10-15 -
2022-11-12
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.folha.com.br
GeoTrust RSA CA 2018
2021-07-06 -
2022-07-14
a year crt.sh
*.news.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-21 -
2021-12-20
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.ibytedtos.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2020-08-21 -
2022-08-22
2 years crt.sh
*.uol.com.br
Amazon
2021-09-04 -
2022-10-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-05-01 -
2022-04-30
a year crt.sh
*.dynad.net
RapidSSL RSA CA 2018
2020-05-11 -
2022-07-10
2 years crt.sh
stc.uol.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-03-30
a year crt.sh
*.imguol.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-08-13 -
2022-08-13
a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-26 -
2022-06-25
a year crt.sh
*.tiktokcdn.com
RapidSSL RSA CA 2018
2020-06-11 -
2022-06-12
2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-10-14 -
2022-04-06
6 months crt.sh
*.google.de
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
www.google.de
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.tremorhub.com
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
compassbr.com
Go Daddy Secure Certificate Authority - G2
2021-10-27 -
2022-11-28
a year crt.sh
*.adtooxcirrus.com
Sectigo RSA Organization Validation Secure Server CA
2021-09-22 -
2022-10-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.adtooxcloud.com
Sectigo RSA Organization Validation Secure Server CA
2021-09-30 -
2022-10-24
a year crt.sh

This page contains 15 frames:

Primary Page: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Frame ID: 7E7B633C3FB7C12060182CC9A0AC67C0
Requests: 162 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Frame ID: 6AB8701BEAE8550CFEB796816E605026
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww1.folha.uol.com.br
Frame ID: E7A74982CFD7D1B20E2238FAC00839DD
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 94529E08B62844FFF38D90A74F119B29
Requests: 2 HTTP requests in this frame

Frame: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1FAA59E4B85647CF0DF8E10C28C45112
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6BA07D7679544977981428414634&cicmp=1337627&cijs=1&dast=V7Hb8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzZhEHYj3my3XI1Gy91uudstNpPVYLTbLSFhFovFaDJbDadgsIXP6e5ugweaTofPda_X_X6PucxvNjrsqr_ZrvG77RLLXw4AAAAADwBELdEQO74N7REAAAAAEjwj1woUARX_FgIXAAAAABgABGLhGgBQHAnytPs8R5fT7Q8AgAcFEAAAAYwQADFlIhEAAACAEQAAAAASAIHEwhIAh7tFEwCAgL5Z-q2UEwAAgIM6madtlv____8YgLz3JhkAirSNG4MegAcfgAchAACAj6HiWpamUVzoDaKCwyJGAAAAAKh3GcdHkzqhsqj6____twK4AgAI6Jul3xrKujkpZg0DAAAAGFugh8XvNzvsGr_bZf__________Zv9nAGhCQQAAaUD49cNqPCPXCmu_gAAAbO8GAPAmABdzAHYAAAAAd_____95AAAABXuUbK_VePYo630GW_ic7u76TdhitJpMNsvhbLmYDIaj4Wi0P4GcDXAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoN8aDqXDqfV6fiwXxczn3twUeHmA3nisVyLlnNFcvlKgEAAAAAAAAALGHKvAkAAADAaRCz2WS3W3HjzZ4JYq1WyxoAAACAWzdy!&excid=22&tst=1&docw=0&cs=false
Frame ID: E153BA5345A950DEB844140DF7E1BB11
Requests: 1 HTTP requests in this frame

Frame: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 68C2D3BA7A4B492B012E4047E82D1E57
Requests: 11 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=undefined&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=69386F3D2421836778485743525&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C8D54260C52AE177E30AE1DA283C351A
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8A2FCD4E4B4348FF37D4B0B020668E80
Requests: 4 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: EA647ECC7927D2C67F1131ECFF9855CF
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: 29CF6DA053C0AA08EBC9C4F5F5143C0E
Requests: 5 HTTP requests in this frame

Frame: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E5ABD537DEED258E00015EF0CAE1C07
Requests: 21 HTTP requests in this frame

Frame: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C1F129F78564F97E8BF13F496538136
Requests: 23 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_pt_br.html
Frame ID: 5A9000BBCC8EAD4C6153003434A035D2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 15B4B65AC2AA6C06AD34740C9452BE5B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ataque hacker tira do ar sites do Ministério da Saúde e do Conecte SUS - 10/12/2021 - Cotidiano - FolhaUnited States of America flagOuvir o textoic_saveic_shareÍcone fecharÍcone FacebookÍcone WhatsappÍcone TwitterÍcone de messengerÍcone LinkedinÍcone de envelopeÍcone de linkÍcone fecharÍcone fecharÍcone fecharÍcone alerta

Page URL History Show full URLs

  1. https://t.co/vavbHZiQMK Page URL
  2. https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-a... Page URL

Page Statistics

249
Requests

94 %
HTTPS

62 %
IPv6

40
Domains

77
Subdomains

57
IPs

7
Countries

3318 kB
Transfer

11408 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/vavbHZiQMK Page URL
  2. https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.tiktok.com/embed.js HTTP 302
  • https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
Request Chain 43
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&c7=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&c9=https%3A%2F%2Ft.co%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&c7=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&c9=https%3A%2F%2Ft.co%2F
Request Chain 147
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 167
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8d02ef4a-5c17-11ec-af3a-1ac054420106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
Request Chain 170
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=8d036fd6-5c17-11ec-99b0-1093d7b30206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&

249 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vavbHZiQMK
t.co/
756 B
740 B
Document
General
Full URL
https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 13:21:11 GMT
vary
Origin
server
tsa_o
expires
Mon, 13 Dec 2021 13:26:12 GMT
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
306
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-response-time
120
x-connection-hash
ee61af1d233ba737369fa3a7939941d9d5e2ac6800d33bd288f888244b1f7c06
Primary Request sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml
www1.folha.uol.com.br/cotidiano/2021/12/
370 KB
100 KB
Document
General
Full URL
https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:319:430::339 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
c9267a35f1b0c26590e326c316d08ef1d1c3daad8721067a2d0f01401a9921da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/

Response headers

server
nginx
date
Mon, 13 Dec 2021 13:21:12 GMT
content-type
text/html
vary
Accept-Encoding
cache-control
max-age=60
x-varnish
529161655
age
0
via
CacheUOL
x-cache
MISS
content-encoding
gzip
chartbeat_mab_image.js
static.chartbeat.com/js/
22 KB
9 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 11:30:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 20:17:30 GMT
server
nginx
age
6637
etag
W/"6009e15a-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
wLxBdleAweZ4QNJ-ihcrPhMZDUXgsC3jPNN1oCK4CwbUtwlRx0DHxQ==
expires
Mon, 13 Dec 2021 13:30:36 GMT
portal-common-408afdec53.css
static.folha.uol.com.br/storybook/css/
328 KB
63 KB
Stylesheet
General
Full URL
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
a4634dd20f48502ffdd571e63784d2a42bc9cd40acb0287c0577ed424daec46b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:13 GMT
via
CacheUOL
last-modified
Thu, 09 Dec 2021 11:11:20 GMT
server
nginx
age
353074
etag
W/"8d0145-52159-5d2b4aa7fc600"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
282321996 1045587087
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:13 GMT
portal-news-4133b436a6.css
static.folha.uol.com.br/storybook/css/
57 KB
12 KB
Stylesheet
General
Full URL
https://static.folha.uol.com.br/storybook/css/portal-news-4133b436a6.css
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
9db4f551df1248b5789e6513473a14352ce6d1a771aa0f05a19014d01e1f806e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:13 GMT
via
CacheUOL
last-modified
Thu, 09 Dec 2021 11:51:40 GMT
server
nginx
age
2050
etag
W/"8cffd0-e4ed-5d2b53abe0b00"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
1351388 753667
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:13 GMT
ReadSpeaker.js
f1-na.readspeaker.com/script/6877/
9 KB
4 KB
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQEJUWf/QcwIAA==
x-accel-expires
@1639473096
date
Mon, 13 Dec 2021 13:21:13 GMT
content-encoding
br
etag
W/"2563-5c4c926a37cc6"
last-modified
Tue, 15 Jun 2021 07:44:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
bQrZb1KbbFk=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576577
x-77-pop
newyorkUSNY
firebase-app.js
static.folha.uol.com.br/folha/js/push/
34 KB
14 KB
Script
General
Full URL
https://static.folha.uol.com.br/folha/js/push/firebase-app.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
526002150ce50b7a0fe875a32a2bf84ce2e78ce38282f3186eeab4f8aac64a1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:13 GMT
via
CacheUOL
last-modified
Thu, 07 Feb 2019 18:05:18 GMT
server
nginx
age
922369
etag
W/"aa9924-87f3-58151af5d1380"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
572129486 152537372
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:13 GMT
firebase-messaging.js
static.folha.uol.com.br/folha/js/push/
35 KB
12 KB
Script
General
Full URL
https://static.folha.uol.com.br/folha/js/push/firebase-messaging.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
6846163ecc308489cad10a3b8b47d6b8d2ff43a63b9d1b71fa944940c07da83d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:13 GMT
via
CacheUOL
last-modified
Thu, 07 Feb 2019 18:05:18 GMT
server
nginx
age
922430
etag
W/"c92dbb-8b2f-58151af5d1380"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
120293600 1069362440
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:13 GMT
parceiro-async.js
jsuol.com.br/barra/
13 KB
4 KB
Script
General
Full URL
https://jsuol.com.br/barra/parceiro-async.js?parceiro=folha
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
b7b62f2446d15d4dd07cec4fce5b7b0122d25e9bf003d648fe06c884238b44fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 12:50:17 GMT
server
marrakesh 1.16.6
etag
965c50179a56830a662facdbee0ec84f
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, HEAD
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
3690
expires
Mon, 13 Dec 2021 14:21:15 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
274 B
557 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=folha.com.br&domain=www1.folha.uol.com.br&path=%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d08158222067537c592c1c84ae8b8c950007f0c423f7fb92b6e51f7fa375284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:13 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
203
x-served-by
cache-fra19171-FRA
access-control-allow-origin
*
x-timer
S1639401673.395957,VS0,VE145
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 11 Dec 2021 13:21:13 GMT
spin.gif
f.i.uol.com.br/hunting/furniture/1/common/icons/
36 KB
36 KB
Image
General
Full URL
https://f.i.uol.com.br/hunting/furniture/1/common/icons/spin.gif
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
1e55e647e6f1993ac6a077841a9c88ea455b53e72c60cf9d0e9e7f023e6b82c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Wed, 27 Jul 2016 19:56:58 GMT
server
nginx
age
98823393
etag
"8ece-538a36b811680"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
2667045122 2659943375
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
36558
expires
Sat, 27 Oct 2018 18:24:56 GMT
portal-common-fa9121594c.js
static.folha.uol.com.br/storybook/js/
358 KB
129 KB
Script
General
Full URL
https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
ca093bc5b18e400067cb18c7f3efead5b4e915d3cd23cd7523ce99188f19c8d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
CacheUOL
last-modified
Thu, 09 Dec 2021 11:51:43 GMT
server
nginx
age
2051
etag
W/"dafcea-598c9-5d2b53aebd1c0"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
3035950 426061
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:14 GMT
portal-news-cc240c898b.js
static.folha.uol.com.br/storybook/js/
388 KB
140 KB
Script
General
Full URL
https://static.folha.uol.com.br/storybook/js/portal-news-cc240c898b.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
ce4d52171bc885026ff87cfbd134b7a8af9636f7e884a7ffc3a03339eaa1df55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
CacheUOL
last-modified
Thu, 09 Dec 2021 11:51:42 GMT
server
nginx
age
2048
etag
W/"dafcef-6102e-5d2b53adc8f80"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
902415 655425
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:14 GMT
stats.js
static.folha.uol.com.br/plugins/stats/1.0/
792 B
756 B
Script
General
Full URL
https://static.folha.uol.com.br/plugins/stats/1.0/stats.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
2eca349bb253979f54287e500987c87a4737fffe60d706808c00fc175a5f4b41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
CacheUOL
last-modified
Mon, 26 Apr 2021 22:11:22 GMT
server
nginx
age
922356
etag
W/"a5e44c-318-5c0e76cfc3680"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
557441771 132251339
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:14 GMT
firebase-init.js
static.folha.uol.com.br/folha/js/push/
5 KB
2 KB
Script
General
Full URL
https://static.folha.uol.com.br/folha/js/push/firebase-init.js?2019011701
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
91a7a1a2008d57f6b15cd87f964a0ba62be6c3d721ce20f885b8f5eff2605200

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
CacheUOL
last-modified
Tue, 16 Jul 2019 17:34:53 GMT
server
nginx
age
922418
etag
W/"cbaaa2-142c-58dcfcb5a6940"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
33106177 120653563
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:14 GMT
embed_v0.0.8.js
sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
46 KB
16 KB
Script
General
Full URL
https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
50f198c4c8deabd496e3f6674504214a643b120144697fe02126143ed2031eb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
170af35c
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
vary
Accept-Encoding
x-expires-ms
1630900091346
content-md5
PNa66oDUrEHeL1+9pJ6CAQ==
x-cache
TCP_MEM_HIT from a2-16-186-7.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=0
content-length
15230
x-tos-request-id
5cd46a358f7a87e1-af54016
x-tos-response-time
Mon, 06 Sep 2021 03:48:10 GMT
last-modified
Mon, 06 Sep 2021 03:48:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=23034420
access-control-allow-credentials
false
x-tt-trace-host
017c418e7aba803b13e98202fffe01219379c020c61390f66daa1df131338ea9c14212e58b2e9eda76abd4bcafeb21210e7357525eefc4e9adac1d654d43e5a5456e1029ca17c7dbbe2b7910d142e621462d19ba2cde96a7deccf88458dfcb1a7f62857ca36a5d8e8358873b332286aba4047337b1839989ac8a2812623211aabf
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

x-akamai-request-id
2187bbd8
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-janus-mini-api-forward
Janus-Mini(fast)
x-cache
TCP_MISS from a2-16-186-22.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
inner; dur=299, cdn-cache; desc=MISS, edge; dur=0, origin; dur=388
content-length
187
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge,chrome=1
pragma
no-cache
server
nginx
x-tt-logid
202112131321140102230660351612C05E
date
Mon, 13 Dec 2021 13:21:15 GMT
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://sf16-scmcdn-sg.ibytedtos.com/goofy/tiktok/falcon/embed/embed_v0.0.8.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
388,2.16.186.22
x-tt-trace-host
01ad69072240ce97ab40ebb36bd26f6fd1bf62ae45f6f740b7466fe3b28aea1a1073570dc0b32cc1838dbfd729842ff89a23fca981e05f0227b470ea4cb2c11ef90074727ce6025ca8c827dc8a1ae04967a021465b76801efde4aabde008fecfbc
expires
Mon, 13 Dec 2021 13:21:15 GMT
loader.js
cdn.taboola.com/libtrc/folhadespaulo-network/
725 KB
42 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0db5318410d235e626a560cc516c9cb237b1a8c400b8f246c9a75b53e917c6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
_NzkvlegsiBgLLP2uR5NdH15S.cs977G
content-encoding
gzip
etag
"5d0c9cf0c40e0d911aef22ec5b6dc0b2"
age
1947
x-cache
HIT
content-length
42577
x-amz-id-2
rI2p8z8aQ97CVRsidOkIgYWcj5VXyg/KEGmtaoDdPtGmqDv7o7CdJE9mv166YBYV3WP+FOVljhE=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 12:48:31 GMT
server
AmazonS3
x-timer
S1639401675.635958,VS0,VE1
date
Mon, 13 Dec 2021 13:21:14 GMT
vary
Accept-Encoding
x-amz-request-id
XQEDQ69KCZY53ZDB
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
88
x-cache-hits
1
ReadSpeaker.Styles.css
f1-na.readspeaker.com/script/6877/
21 KB
4 KB
Stylesheet
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.Styles.css?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
x-77-nzt-ray
M9N368ZIExc=
x-77-cache
HIT
x-cache
HIT
x-age
14154
x-77-nzt
AcO1qQHbTIj/SjcAAA==
x-accel-expires
@1639473920
last-modified
Mon, 01 Feb 2021 12:24:38 GMT
server
CDN77-Turbo
etag
W/"52ce-5ba457005d989"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
expires
Tue, 14 Dec 2021 09:25:20 GMT
ReadSpeaker.Core.js
f1-na.readspeaker.com/script/6877/
29 KB
9 KB
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.Core.js?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b1077fe05a8a2eae432916d52ad1edce698b5ee5cc97f988a28ffe421f24437a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQEWpwL/VMwIAA==
x-accel-expires
@1639473078
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
etag
W/"735e-5ba47dc1ddeb5"
last-modified
Mon, 01 Feb 2021 15:18:01 GMT
server
CDN77-Turbo
x-77-nzt-ray
CN/C4kZj1tY=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576596
x-77-pop
newyorkUSNY
ReadSpeaker.pub.Config.js
f1-na.readspeaker.com/script/6877/
19 KB
6 KB
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.pub.Config.js?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5a74380995358a1c9116a783a2a0819237f3e4401aa82bc7f0105e1ecc87453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQG86Mn/QswIAA==
x-accel-expires
@1639473096
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
etag
W/"4c8b-576b10105ce80"
last-modified
Tue, 25 Sep 2018 12:11:22 GMT
server
CDN77-Turbo
x-77-nzt-ray
ATZGYwwurv8=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576578
x-77-pop
newyorkUSNY
Folha_Grafico-Regular.woff2
static.folha.uol.com.br/fonts/hunting/folha-grafico/
19 KB
19 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-grafico/Folha_Grafico-Regular.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
11a53e846f05b00ab8809a02d72580090c0dbfce59e6eefd4c159d70461b88c3

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
922412
etag
"aa2505-4b0c-59d2341541940"
x-cache
HIT
x-varnish
145819566 296617447
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19212
expires
Tue, 13 Dec 2022 13:21:15 GMT
Folha_Grafico-Medium.woff2
static.folha.uol.com.br/fonts/hunting/folha-grafico/
19 KB
19 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-grafico/Folha_Grafico-Medium.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
f7d18dc71c2cca5cfd7c7b4fbf56ef0bd7e05d43d0b87dcf6aa64a01419c8e8a

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
922387
etag
"aa24fb-4adc-59d2341541940"
x-cache
HIT
x-varnish
257494355 808673906
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19164
expires
Tue, 13 Dec 2022 13:21:15 GMT
Folha_Grafico-Bold.woff2
static.folha.uol.com.br/fonts/hunting/folha-grafico/
19 KB
19 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-grafico/Folha_Grafico-Bold.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
c9d9aab53026a6d1146c4363f7bc4ba87a78e3a740b7f390f6e4352020e1c6c3

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
922434
etag
"aa24ee-4b84-59d2341541940"
x-cache
HIT
x-varnish
120283759 221743468
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19332
expires
Tue, 13 Dec 2022 13:21:15 GMT
Folha_Texto-Bold.woff2
static.folha.uol.com.br/fonts/hunting/folha-texto/
24 KB
24 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-texto/Folha_Texto-Bold.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
a24493d4e17fd50c92628639d864b97ac4c0e37380091a8865b31086386bf266

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
922385
etag
"aa2524-5ed0-59d2341541940"
x-cache
HIT
x-varnish
243363485 843285933
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
24272
expires
Tue, 13 Dec 2022 13:21:15 GMT
folhaii-semibold-webfont.woff
static.folha.uol.com.br/fonts/folhaii-semibold/
18 KB
18 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/folhaii-semibold/folhaii-semibold-webfont.woff?20211005
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
85beaf4b225f28a4b626cfd1b1109f0cf582e0eca2e93da820d2daa0ade6e4e9

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 04 Oct 2021 21:06:53 GMT
server
nginx
age
5328
etag
"da83a6-4650-5cd8d4ad35540"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
3104851 262153
accept-ranges
bytes
content-length
18000
expires
Tue, 13 Dec 2022 13:21:15 GMT
Folha_Texto-Light.woff2
static.folha.uol.com.br/fonts/hunting/folha-texto/
23 KB
23 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-texto/Folha_Texto-Light.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
3f960551a0cdf760e25293dafc235f63c3afa08ae6a9d3ee7d774deabad8ea34

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
5328
etag
"aa252e-5ab8-59d2341541940"
x-cache
HIT
x-varnish
907588 262165
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
23224
expires
Tue, 13 Dec 2022 13:21:15 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89a9e39906cdeda608497b938b33548d1ed086111a5145122028d420ef10560b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
load.js
widget.perfectmarket.com/folhadespaulo-network/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/folhadespaulo-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ca1c26b425eff60c1f008099d9b0d2297221f122e8547950e8ca8ebdac79e4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
egKxjqNESacHZuwPwrDLZQmj0QzdQr0t
content-encoding
gzip
etag
"18616e73efd5ec132c3ae4589db4111a"
age
326
x-cache
HIT, HIT
content-length
1158
x-amz-id-2
tl7mZoulBxRq6ExOFdXKz239HwydKYDY3ULmSRJkbEu687IaDRnmnU0LqGpKX+pcaXD8rDOZRdE=
x-served-by
cache-lax10637-LGB, cache-fra19126-FRA
last-modified
Tue, 03 Aug 2021 10:32:44 GMT
server
AmazonS3
x-timer
S1639401675.805710,VS0,VE1
date
Mon, 13 Dec 2021 13:21:14 GMT
vary
Accept-Encoding,,
x-amz-request-id
VYVZF3KW8PQ2NY11
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20211213-1-RELEASE.js
cdn.taboola.com/libtrc/
613 KB
126 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9017dcbbbd80a341b7a9fb91589b3fbda77b1c4fbbcb10d27ecae336bd7f6ebd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
eKcJ2gSn947Ga2MY_3GztZb4pRbjz7As
content-encoding
br
etag
"265c77ccbb84b5864ba3ac9c2962b2df"
age
9269
x-cache
HIT
content-length
129050
x-amz-id-2
dDNIdwuWhL/tiJrgDWMhmWE/wTioUU/kghIw7rjQljcFWbgqr5Rgoa510SOdV+1kPfphTOeJdTO44czh+ptrLQ==
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 10:45:41 GMT
server
AmazonS3-br
x-timer
S1639401675.775627,VS0,VE0
date
Mon, 13 Dec 2021 13:21:14 GMT
vary
Accept-Encoding
x-amz-request-id
J1EA939287HDPR4X
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
78
x-cache-hits
27222
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 03:43:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34671
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9why9lcjc3Lvyz05ZjvEByhzv6QewVU_NG3kcW62PKOOIh0XBFdYfw==
ReadSpeaker.lib.RSLib.js
f1-na.readspeaker.com/script/6877/
25 KB
9 KB
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.lib.RSLib.js?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQE3xu//UswIAA==
x-accel-expires
@1639473080
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
etag
W/"6220-5ba456f735350"
last-modified
Mon, 01 Feb 2021 12:24:28 GMT
server
CDN77-Turbo
x-77-nzt-ray
7NBeYfjgIm8=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576594
x-77-pop
newyorkUSNY
esta-logado.jsonp
paywall.folha.uol.com.br/
344 B
668 B
Script
General
Full URL
https://paywall.folha.uol.com.br/esta-logado.jsonp?callback=userfolstatus&qs=1639401674850
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx / PHP/5.3.3
Resource Hash
315f7d379ef6cc1e912e3f7eab92d7a5f0a896b268b00813105fe1c632215c8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:14 GMT
server
nginx
x-powered-by
PHP/5.3.3
content-type
application/javascript; charset=UTF-8;
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
344
expires
Thu, 19 Nov 1981 08:52:00 GMT
count_shares
social.folha.com.br/share/
130 B
321 B
Script
General
Full URL
https://social.folha.com.br/share/count_shares?url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&callback=jQuery36004867983043207458_1639401674828&_=1639401674829
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.118.15 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-118-15.static.uol.com.br
Software
Apache / PHP/5.3.3
Resource Hash
f124f29732727c8c6b214150fccd00790d8e95fc7bd068286c34cef32e4c66e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
Apache
Connection
close
X-Powered-By
PHP/5.3.3
Content-Length
130
Content-Type
application/javascript; charset=UTF-8;
count_shares
social.folha.com.br/share/
130 B
321 B
Script
General
Full URL
https://social.folha.com.br/share/count_shares?url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&callback=jQuery36004867983043207458_1639401674830&_=1639401674831
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.118.15 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-118-15.static.uol.com.br
Software
Apache / PHP/5.3.3
Resource Hash
fbdb6eec6681be6828834cbbef6925d395afbbb85a2016a01e15d3d8ac54bea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
Apache
Connection
close
X-Powered-By
PHP/5.3.3
Content-Length
130
Content-Type
application/javascript; charset=UTF-8;
count_shares
social.folha.com.br/share/
130 B
321 B
Script
General
Full URL
https://social.folha.com.br/share/count_shares?url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&callback=jQuery36004867983043207458_1639401674832&_=1639401674833
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.118.15 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-118-15.static.uol.com.br
Software
Apache / PHP/5.3.3
Resource Hash
29d02dd9b7f49c101bea4f0893ac0aa1e33f53758c52576fbcc3f1837eadcb2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
Apache
Connection
close
X-Powered-By
PHP/5.3.3
Content-Length
130
Content-Type
application/javascript; charset=UTF-8;
logo-folha-tempo-real-app_144px.png
f.i.uol.com.br/hunting/folha/1/common/icons/
2 KB
3 KB
Image
General
Full URL
https://f.i.uol.com.br/hunting/folha/1/common/icons/logo-folha-tempo-real-app_144px.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
70cbdd6d70d94aecc94c8f3efffdcd61a16e554061f869b7a55c8b019c6347bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Thu, 09 Sep 2021 13:45:02 GMT
server
nginx
age
785055
etag
"8db316035c49ee59473ab3ec52ab3acb"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
x-varnish
2667045120 2659035876
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
2262
expires
Sat, 11 Dec 2021 11:17:00 GMT
swg.js
news.google.com/swg/js/v1/
139 KB
44 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7baa007c35a2be99bbefd42c149d7bf7d6b38268c7873193d497a08404fe112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44196
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 19:29:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:29:27 GMT
config.json
static.folha.uol.com.br/paywall/online/
42 B
333 B
Fetch
General
Full URL
https://static.folha.uol.com.br/paywall/online/config.json
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
63c1d5db963f88dce658b71336e6a28cdcecb8d783f7440846eccdfc3bd85890

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Tue, 13 Sep 2016 21:57:22 GMT
server
nginx
age
922441
etag
W/"a12ed2-2a-53c6ab2789480"
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
121927886 330957699
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:15 GMT
ivc.js
gadasource.storage.googleapis.com/
71 KB
24 KB
Script
General
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:34:10 GMT
content-encoding
gzip
age
2824
x-guploader-uploadid
ADPycdtettFjigm5By0nYAK8BxIZ7R6jyuccEeloZWZWMxenqCWkDLCsJKqfOzdsIV-Mjb3AotRZ_tykjIAxkpZNG5fUwCTd1g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation
1567453851562424
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
content-type
text/plain
expires
Mon, 13 Dec 2021 13:34:10 GMT
163912148861b30250d607c_1639121488_3x2_md.jpg
f.i.uol.com.br/fotografia/2021/12/10/
20 KB
20 KB
Image
General
Full URL
https://f.i.uol.com.br/fotografia/2021/12/10/163912148861b30250d607c_1639121488_3x2_md.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
5677685741a4251977d6d1e157566f3bb8a8f7a7ce956dd67a844c37eaf1cbd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Fri, 10 Dec 2021 07:31:28 GMT
server
nginx
age
103077
etag
"cb798bf6c74adb46c13cac1ddfbda9bb"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
x-varnish
2667045123 2664752608
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
20032
expires
Sun, 19 Dec 2021 08:43:18 GMT
16370941686194131811b63_1637094168_3x2_xs.jpg
f.i.uol.com.br/fotografia/2021/11/16/
8 KB
9 KB
Image
General
Full URL
https://f.i.uol.com.br/fotografia/2021/11/16/16370941686194131811b63_1637094168_3x2_xs.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
21066df526698f176cdc99d00c52fcab5531bf5c97bb3d239a19705a69e0ad71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Tue, 16 Nov 2021 20:22:48 GMT
server
nginx
age
177069
etag
"b0e42343f611ab8f274dbae72ed0ce76"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
x-varnish
2667045121 2665650931
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
8489
expires
Sat, 18 Dec 2021 12:10:06 GMT
stats
stats1.folha.uol.com.br/
43 B
232 B
Image
General
Full URL
https://stats1.folha.uol.com.br/stats?url=https%3A//www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&ref=https%3A//t.co/&rand=4861111118
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
cache-control
no-cache, no-store, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
server
nginx
content-type
image/gif
content-length
43
expires
Sun, 12 Dec 2021 13:21:15 GMT
json
trc.taboola.com/folhadespaulo-folhadespaulo/trc/3/
17 KB
7 KB
XHR
General
Full URL
https://trc.taboola.com/folhadespaulo-folhadespaulo/trc/3/json?tim=13%3A21%3A14.933&lti=deflated&data=%7B%22id%22%3A484%2C%22ii%22%3A%22%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1639399700377%2C%22vi%22%3A1639401674931%2C%22cv%22%3A%2220211213-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw%22%2C%22e%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7960%2C%22qs%22%3A%22%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw%22%2C%22nsid%22%3A%22folhadespaulo-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-feed-01-a%3Apub%3Dfolhadespaulo-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5858.046875%2C%22mw%22%3A630%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22right-rail-thumbnails-a%3Apub%3Dfolhadespaulo-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1298.53125%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%2CBelow%20Article%20Thumbnails%3Dthumbs-feed-01-a%3Apub%3Dfolhadespaulo-network%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dright-rail-thumbnails-a%3Apub%3Dfolhadespaulo-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d198b653ef0d0dce874660a1e5ce2b05e2a6348cb14b809a5b7a5091a39a001

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
298
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
nginx
x-timer
S1639401675.939168,VS0,VE298
x-served-by
cache-fra19120-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
pmk-202010011.1.js
widget.perfectmarket.com/folhadespaulo-network/
118 KB
32 KB
Script
General
Full URL
https://widget.perfectmarket.com/folhadespaulo-network/pmk-202010011.1.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/folhadespaulo-network/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b1ed5740b2fdbb6077dea5980a77e5576772ee73514187985356affbe404197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
ak25weZ2GstLYiH9FVtP3Ga_ptRCxX9_
content-encoding
gzip
etag
"00703d201c5b976acb61381dd7e24ab1"
age
1036946
x-cache
HIT, HIT
content-length
32410
x-amz-id-2
9irZTGGHeQ4PgB9PoObhY/ufBiebbxQzP3wkCFguow0QT7ILAVJJxTR4NwmHxQ4aDbmptKbKuII=
x-served-by
cache-lax10620-LGB, cache-fra19126-FRA
last-modified
Tue, 03 Aug 2021 10:32:43 GMT
server
AmazonS3
x-timer
S1639401675.939891,VS0,VE1
date
Mon, 13 Dec 2021 13:21:14 GMT
vary
Accept-Encoding,,
x-amz-request-id
04VDE18J2396N5NS
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conect...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conec...
0
223 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&c7=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
HlbDFv_LyK-lbj9-LbZ2hVgrf5cfeoOLEV4z-Le2jfAXSgep8NTOiQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 13 Dec 2021 13:21:14 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639401674936&ns_c=UTF-8&cv=3.5&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&c7=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&c9=https%3A%2F%2Ft.co%2F
content-length
525
x-amz-cf-id
G6-CuG2UR4Jd31cosJioSlfXhdwPS5egyeMHgGalf_DqnxRXZ7QsEQ==
ReadSpeaker.Base.js
f1-na.readspeaker.com/script/6877/
149 KB
36 KB
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.Base.js?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
87ea44807d7d9b225c299d01ee912eef00b288af7f3574d4f2c21ec9cbadc9b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQGONm3/UMwIAA==
x-accel-expires
@1639473082
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
etag
W/"255e7-5ba47db17e6c2"
last-modified
Mon, 01 Feb 2021 15:17:44 GMT
server
CDN77-Turbo
x-77-nzt-ray
tuAJ6jJ71Wo=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576592
x-77-pop
newyorkUSNY
ReadSpeaker.Custom.js
f1-na.readspeaker.com/script/6877/
111 B
388 B
Script
General
Full URL
https://f1-na.readspeaker.com/script/6877/ReadSpeaker.Custom.js?v=2.5.16.6672
Requested by
Host: f1-na.readspeaker.com
URL: https://f1-na.readspeaker.com/script/6877/ReadSpeaker.js?pids=embhl,custom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::13 , United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7a4cfc6245f989c71dea38e9a2852e9051e809266b1efdcf82df5c1f954b0c59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt
AcO1qQF0dsj/QcwIAA==
x-accel-expires
@1639473097
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
br
etag
W/"6f-56cc5a68a6c80"
last-modified
Tue, 22 May 2018 06:37:22 GMT
server
CDN77-Turbo
x-77-nzt-ray
uGSUuQ8w6r8=
x-77-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
x-cache
HIT
x-age
576577
x-77-pop
newyorkUSNY
i
ivccf.ivcbrasil.org.br/
0
0

uoltm.js
tm.jsuol.com.br/
1 MB
84 KB
Script
General
Full URL
https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
b95421475a479c62fae8628219833abdc8daea6602f024e91452c616447856c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:37:28 GMT
content-encoding
gzip
age
2627
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
85291
access-control-allow-origin
*
last-modified
Thu, 11 Nov 2021 14:57:35 GMT
server
marrakesh 1.16.6
etag
0f24f53f6d1faf38d369a8004f394a29
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
2VzyWfL0j88LTDD3x_KUHvh1Hp6Ft3513pDpE2b8kX434AKg-lWBVg==
expires
Mon, 13 Dec 2021 13:37:28 GMT
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6439
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 17:26:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:22:46 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 6AB8
23 KB
8 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3380d96fd6d64c525f4b2a8531e191b23e40bea96624f5713c09d31e0aa1860
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-4z1ZqyNXMH4DW2MmRkYnkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-4z1ZqyNXMH4DW2MmRkYnkg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 13 Dec 2021 13:21:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-4z1ZqyNXMH4DW2MmRkYnkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-4z1ZqyNXMH4DW2MmRkYnkg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:23:06 GMT
entitlements
news.google.com/swg/_/api/v1/publication/folha.uol.com.br/
2 B
576 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/folha.uol.com.br/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-news-cc240c898b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:21:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 21:35:27 GMT
Server
ECS (frb/6794)
Age
391
Etag
"50ec7e701ed018305368886c39cac301+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29126
comentarios.jsonp
comentarios1.folha.uol.com.br/
6 KB
7 KB
Script
General
Full URL
https://comentarios1.folha.uol.com.br/comentarios.jsonp?service_name=folha&type=news&limit=3&show_replies=false&show_with_alternate=false&link_format=html&order_by=create&callback=get_comments&category_name=cotidiano&external_id=1718743151970908
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-news-cc240c898b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx / PHP/5.3.3
Resource Hash
5f968c89475d66a0e3eef14a940ed328ce6dbd7f00349ffc72903471c11c874f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
server
nginx
x-powered-by
PHP/5.3.3
content-type
application/javascript; charset=UTF-8;
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
6450
expires
Thu, 19 Nov 1981 08:52:00 GMT
sdk.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-news-cc240c898b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1327da68c36f48498d5238b23dc4af4075c581a4dff7a8876503b7b11dba780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7jT+5lqjgrdRFFpy7izL5Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 13 Dec 2021 13:38:00 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
DrF7VECh1f4znkY5UNbA+p3unEFHa33//Bkj4VmsnziS6PJOWEiywXY3Mf8NHQRyz8zDjZlXn7QbS1H9u4R9hg==
x-fb-trip-id
686109401
x-fb-content-md5
191dd79ba0e107223ad89b4152715706
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 13 Dec 2021 13:21:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a76c819009008fc8431bc336fad69de2"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 6AB8
0
22 B
Other
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DxymnbT5FXcV1QaVzCjrfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-DxymnbT5FXcV1QaVzCjrfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-DxymnbT5FXcV1QaVzCjrfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-DxymnbT5FXcV1QaVzCjrfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 6AB8
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6439
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 17:26:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:22:46 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXT... Frame 6AB8
160 KB
57 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16eac1eb2aae66e8bab630958963fabc35cff3ca7935d724c0de9c5ab32299c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57574
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 02:53:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Fri, 09 Dec 2022 16:46:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6AB8
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=455389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options
nosniff
age
525790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 11:18:05 GMT
digital.json
paywall.folha.uol.com.br/
473 B
1 KB
XHR
General
Full URL
https://paywall.folha.uol.com.br/digital.json
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/js/portal-common-fa9121594c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx / PHP/5.3.3
Resource Hash
2dd5b2b6748ebc91627f1e1c06af662323f26766ab0c73bdf40f91a369c212ec

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
server
nginx
x-powered-by
PHP/5.3.3
content-type
application/json; charset=UTF-8;
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
473
expires
Thu, 19 Nov 1981 08:52:00 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1... Frame 6AB8
37 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1.O/am=AgAI/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5kfIQ74-8tGq-F-HAdYZnSquv4Qw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68414970e5ebeed5b7e4c413985c9e66ff415c493afc4bf8e64ed24467a14344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 20:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 00:01:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Sun, 11 Dec 2022 20:46:21 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1... Frame 6AB8
102 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1.O/am=AgAI/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5kfIQ74-8tGq-F-HAdYZnSquv4Qw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13cad5d2aa60f7e2ed1c5439addc8a741567b8289801208e1c55024b22e0d5b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35580
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 00:01:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Sun, 11 Dec 2022 09:49:33 GMT
widget_iframe.21f942bb866c2823339b839747a0c50c.html
platform.twitter.com/widgets/ Frame E7A7
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww1.folha.uol.com.br
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
320089
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Dec 2021 13:21:15 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Dec 2021 21:34:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6795)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
sdk.js
connect.facebook.net/pt_BR/
281 KB
79 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=b7b38ced48d4f66b8896e643f6b3f20d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e25140d3ad5020c3929f640f4f1b0be678d5133d8aa16a9c18cb3655df051f3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www1.folha.uol.com.br/
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b3lbr8hSEORrwOwF7txsyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 13 Dec 2022 13:18:01 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
81253
x-fb-rlafr
0
x-fb-debug
MDVl3107TR+q6J0E0KH77oRp3I46U2Cj8f5sFHalgzUm/s1OraeqvY5C+qau+NQPlvbkb/DNRF3a5iVH6Qzxbw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2314bbb4372e7b267e39a4ddcda28aa2
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 13 Dec 2021 13:21:15 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"60d3e587e63155db3d494a8ce2fbeead"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
bee_prod_7_bee_publish_835.json
sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/
43 B
918 B
XHR
General
Full URL
https://sf-hs-sg.ibytedtos.com/obj/ies-fe-bee-alisg/bee_prod/biz_7/bee_prod_7_bee_publish_835.json?timestamp=1639401675210
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-105.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
095744fa45e2c246e5aed63e5c5d0d7c43025c2ea231e361f6600fa6a0318c31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
5324244a.501537c1.17c566c7
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
content-md5
cWI4DxsJjLyyeUqG6vYNEA==
x-cache
TCP_MISS from a92-123-107-105.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
294,23.48.22.140, 298,92.123.107.105
server-timing
cdn-cache; desc=MISS, edge; dur=224, origin; dur=75, inner; dur=4
content-length
51
server
nginx
x-tos-request-id
5aaa62b748cb6a78-af5402b
x-tos-response-time
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Sat, 20 Mar 2021 11:49:23 GMT
x-cache-remote
TCP_MISS from a23-48-22-140.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=30
x-origin-response-time
76,23.59.247.71
x-tt-trace-host
01ad69072240ce97ab40ebb36bd26f6fd1e2223316d5ef24c208a38b409db6eeb992b5cc08a12e54b1ff56afebcc660cefe1c3497498a4c3c40ba2837cb51cff3c24066758d5ef55bb705c57ee20c9378aa1cc7fdc7823c825bfaddbbb22f559fd395ae875b83822b701b4853297b8f10d9b0ce156c771a7354bb451f530bc905e
accept-ranges
bytes
mercurio.html
tm.uol.com.br/ Frame 9452
197 B
838 B
Document
General
Full URL
https://tm.uol.com.br/mercurio.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

content-type
text/html;charset=UTF-8
content-length
173
server
marrakesh 1.16.6
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified
Wed, 28 Apr 2021 17:51:02 GMT
content-encoding
gzip
date
Mon, 13 Dec 2021 13:13:39 GMT
expires
Mon, 13 Dec 2021 13:23:39 GMT
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag
ba5203ce522cc70a434e9a70452ca145
x-cache
Hit from cloudfront
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Cd_zS88Dt6ruzvRwWFit9UBteMCHQPGTQ2hoh83Pnx_OO9wikzMgTw==
age
456
Prebid.js
tm.jsuol.com.br/modules/external/
256 KB
81 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
312e7c664cee8c126ad1b394f94ba759ecf716b4b1e1631bffdcc9dff4cea106

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:35:11 GMT
content-encoding
gzip
age
2764
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
82231
access-control-allow-origin
*
last-modified
Fri, 24 Sep 2021 18:23:28 GMT
server
marrakesh 1.16.6
etag
bfa12e369285116046fae6851cb22dc8
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
9zTV6c3qp7MyvJP09J27YVY00_2gSPogMmmrFJgag5QcLq2P2b7ZVw==
expires
Mon, 13 Dec 2021 13:35:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1069 / 991 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 13:21:15 GMT
injector.js
tag.goadopt.io/
3 KB
2 KB
Script
General
Full URL
https://tag.goadopt.io/injector.js?website_code=94ba61d5-3f5e-4627-b7b8-2365d5a3787e
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3c66fed802eabd0dc110e1727f8f5a66820d021c90aab9af461b64ee5b916b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FPSZ80YRFYCBHPHXZ6X1WX41
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3681
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"97c82753050ebda169b13d2d15bb1722-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAIRNgosZ4keSCOvTr6%2B%2BvjT2lqZQqLjYQq%2BilMOFHkioM81Tv9RMPbpg9q6MKud0ZaknYQDOn5DlQaVF2Y2GJNiWTWMkeEQ0QlKWo9YJJHE%2FzKuntdGjXqlrKoec9J%2FskaZWYDSABUCW7yK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
cf-ray
6bcf7e977b28698f-FRA
profiles.js
tm.jsuol.com.br/modules/external/tailtarget/
13 KB
6 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:36:01 GMT
content-encoding
gzip
age
2713
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
5277
access-control-allow-origin
*
last-modified
Fri, 07 May 2021 13:45:52 GMT
server
marrakesh 1.16.6
etag
ecbae16720fa9548b931f719328b1c88
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
d4iyCMKv2R0P_LbhfoeYveVyu7IN7gZ1Hk5hdbJcFmMmscb2e8M0-g==
expires
Mon, 13 Dec 2021 13:36:01 GMT
CT-929.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-12340-4/
55 KB
15 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-12340-4/CT-929.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
cda99e455c2a8ac7f16d927187b61cd0c2e8e442d32b30b39ab0a7c2145df726

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:19:32 GMT
content-encoding
gzip
age
102
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
14406
access-control-allow-origin
*
last-modified
Wed, 01 Dec 2021 20:23:52 GMT
server
marrakesh 1.16.6
etag
7cdcfc3ded1716ef1da6dc26988e4910
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
1Q4nxbMdibZr5HqIlYYtzC3NPYtzpB4lzxUOAqATv0SQBXjV6hghXQ==
expires
Mon, 13 Dec 2021 14:19:32 GMT
CT-10.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/
133 KB
18 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
5d2f8144e6784319954cd2d272b4e0a186215a21f72bcf0d09058d1e515abc2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:08:55 GMT
content-encoding
gzip
age
740
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
17500
access-control-allow-origin
*
last-modified
Thu, 02 Dec 2021 18:04:24 GMT
server
marrakesh 1.16.6
etag
6f09324998cd990a87df696650419732
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
5gYzM0-yPvHFq2T0cb4byMFw3M_E9s3KAhjirnRD3KurUM5PGkDUjQ==
expires
Mon, 13 Dec 2021 14:08:55 GMT
folha.js
me.jsuol.com.br/aud/
17 KB
7 KB
Script
General
Full URL
https://me.jsuol.com.br/aud/folha.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=1p0oxf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
fc133862015e1764b860a26501804c39d3589f3f01b152055f80b12ea421d109

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 15:27:06 GMT
server
marrakesh 1.16.6
etag
b82ad553f6c36d56f9911485ea122bf9
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, HEAD
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
7261
expires
Mon, 13 Dec 2021 14:21:15 GMT
/
t.dynad.net/script/
75 KB
19 KB
Script
General
Full URL
https://t.dynad.net/script/?dc=5550010343;ord=0;click=
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software
D3-FE9 / DynAd.net
Resource Hash
6bffa53025ae2cedbbaaf3ef2f90ea6269d74dcbad9b3f06c775326657f422be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
D3-FE9
x-powered-by
DynAd.net
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
x-dynad-tracker
v1.1.547 Power Stroke
cache-control
max-age=0
content-type
text/javascript;charset=ISO-8859-1
expires
Mon, 13 Dec 2021 13:21:15 GMT
tfa-eid.20211213-1-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211213-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
896bf7b52bb048f5228753f05212f0eb830a301afb7493c1a6fbd0ae8a03999c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
hGT9YrVC.p8l32SGmjl3OXh41ZIbgnZb
content-encoding
gzip
etag
"185da3d453533c8a0966083abcc7f54e"
age
1728
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5061
x-amz-id-2
owldVgK9hYdNxn9ZxTH7a6L2yxrUT+VSuy6eEVmOcFSAZrKib1R+tsa7/otqMXoEkvlvItPZ/v8=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 12:52:23 GMT
server
AmazonS3
x-timer
S1639401675.441449,VS0,VE0
date
Mon, 13 Dec 2021 13:21:15 GMT
vary
Accept-Encoding
x-amz-request-id
MTWQ2662CWS8F9AK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
7764
sha256.20211213-1-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20211213-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12f28aa1b725daa4369b9f9eac7f49da87315a9fb4df733a23d91077a74ca69e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
tIypNdzv.PF5znKAWvJ7qtx40DxwYOSk
content-encoding
gzip
etag
"38b55d0a3a19166f29436f3e44afbefe"
age
1356
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2589
x-amz-id-2
n6SrCF5BUhVpSUAQht+QOF6vjEu8Cy7M0+ePa2p8SdOZ7c7LZZ7qzHyy0e/lv5EEFuHE/8xfMSY=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 12:53:55 GMT
server
AmazonS3
x-timer
S1639401675.441567,VS0,VE0
date
Mon, 13 Dec 2021 13:21:15 GMT
vary
Accept-Encoding
x-amz-request-id
08FN9Z4N5DE12PPK
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
5726
tb
15.taboola.com/
38 KB
12 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=folhadespaulo-folhadespaulo&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=https%3A%2F%2Ft.co%2F&cirf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&encoded=1&uid=7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a&variant=-100|1391010999&callback=TRC.videoTagCallbacks.videoCallback1&cb=1639401675441&tagid=&cntry=DE&platform=1&sesid=8449933edfcce857ea1da36380ccd948&itemid=/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&viewid=1639401674931&geolat=&geoing=&deviceifa=&appid=&sd=v2_8449933edfcce857ea1da36380ccd948_7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a_1639401674_1639401674_CGoQovNUGLOx0Z_bLyABKAEwODib4wlAgYoQSNTI2QNQpOwQWABgAGiApKeijMutlDNwAA&ri=15a0cd6311d9d6ae082d743abbd67371&appname=&cdb=&gdprApplies=true&rid=&sii=-2202179286897618769&oee=true&tpubid=1391010&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BW&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1390715&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5583a45882a56685cb5ad0e886c4f0103d796b9562939a431e5925614182e16d

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
access-control-allow-origin
https://www1.folha.uol.com.br
machineid
1451
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19120-FRA
pragma
no-cache
server
nginx
x-timer
S1639401675.446100,VS0,VE115
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20211213-1-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20211213-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e104b47b4702cc4d8b3a0ec06f8320e73b875d815e921a72a31673be9f5da6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
.58hZnDBZXpcbwsUcCnxOTE1LzlevmUN
content-encoding
gzip
etag
"997d1cba5082526be7aba1bc814cdb3c"
age
1506
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
WBbh1XHPYAPpDVI1APeVTwIT8SjInLd11mEkfKv2/ekBTkG1LHNVQGdjDOOer7p14jsjtVN2hrM=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 12:56:02 GMT
server
AmazonS3
x-timer
S1639401675.447841,VS0,VE0
date
Mon, 13 Dec 2021 13:21:15 GMT
vary
Accept-Encoding
x-amz-request-id
PC0FR1XK789K5PAW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
4393
userx.20211213-1-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20211213-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/folhadespaulo-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e32795cfeef1a2dcc9f0887b6abe5ca3e66f8255e42d778db81a33dd6e84ece9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
LUl04oxW1oyXZkxc_V1lEMFQUPLb1Cce
content-encoding
gzip
etag
"efc79cc8d7210e9b662adc67a734b851"
age
1741
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5338
x-amz-id-2
Nsllb9HjzmdvbNyGCZFVY5Km83KUsH98cu2Kp1WucAGn3aMfg4U7E9rf+bcE7gXTJfaPaotAVho=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 13 Dec 2021 12:51:59 GMT
server
AmazonS3
x-timer
S1639401675.455188,VS0,VE0
date
Mon, 13 Dec 2021 13:21:15 GMT
vary
Accept-Encoding
x-amz-request-id
2WKVNBHXR6KF1Q9F
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
78
x-cache-hits
1947
56b1fc3a25b43a172fd057314e57bd16.png
cdn.taboola.com/libtrc/static/thumbnails/
575 B
845 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/56b1fc3a25b43a172fd057314e57bd16.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12ea16ca92301bfbfb7528367b182a4fe29f40819dd6156264974b252c2d5150

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
zWftfC4jNLzjlJcrU3wxE3yWl3abC5Uh
via
1.1 varnish
etag
"f5931869deed5aca4047c4ff32204817"
age
132
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
575
x-amz-id-2
PzeLQoZ1XdzAahmofxDjsKEeFlUeNADMzBYh23HpkRQSVDoJTv2oKv7u6ucRaqfV2zIGGcMEbnA=
x-served-by
cache-fra19120-FRA
last-modified
Wed, 09 Jun 2021 16:42:11 GMT
server
AmazonS3
x-timer
S1639401675.459075,VS0,VE1
date
Mon, 13 Dec 2021 13:21:15 GMT
x-amz-request-id
1S0314P0DDW0W0RH
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
78
x-cache-hits
1
205e7061-df16-4b34-ab72-d3a23313c8ae.png
cdn.taboola.com/static/20/
706 B
958 B
Image
General
Full URL
https://cdn.taboola.com/static/20/205e7061-df16-4b34-ab72-d3a23313c8ae.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7902cade39cc0068b00c4cf52112c36a11c6a94d3619ba872a3e2253c3d52174

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
7KPSRE71ozoWmp6XRBTesovf1gbM4pLN
via
1.1 varnish
etag
"e17cab0dd3d8da18fbe4b5f2b6096973"
age
1986
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
706
x-amz-id-2
A8oraMkNgEjHB4QTT9ANJHf+8Xy3LOQUlvo4+f/FB/zIs6QJEmrdoiT5+6jkD7CO9SxlDYBgVxg=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 14 Jun 2021 16:29:01 GMT
server
AmazonS3
x-timer
S1639401675.459164,VS0,VE1
date
Mon, 13 Dec 2021 13:21:15 GMT
x-amz-request-id
FW5NT1FGEF4DA3QH
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
78
x-cache-hits
1
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
16
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
4qgxfZFmFJrsHxbWsRaKcT9wYgjMICaV8OEv1kv2dZlmiYeGN4OEv3bO4hfDSGSCfBT+SgmfUGM=
x-served-by
cache-fra19120-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1639401675.476797,VS0,VE0
date
Mon, 13 Dec 2021 13:21:15 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
DM4NAP34QYDFFT7D
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
78
x-cache-hits
26
FolhaIIBold.woff2
static.folha.uol.com.br/fonts/folhaii-bold/
16 KB
16 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/folhaii-bold/FolhaIIBold.woff2?20200213
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
b6207b851a8889b69ac80ce8ab80da1447884af23c56de6bbc5919bd7dc7c81e

Request headers

Referer
https://static.folha.uol.com.br/storybook/css/portal-common-408afdec53.css
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
CacheUOL
last-modified
Mon, 04 Oct 2021 21:06:53 GMT
server
nginx
age
922441
etag
"793901-3ff0-5cd8d4ad35540"
x-cache
HIT
x-varnish
124076878 119493538
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16368
expires
Tue, 13 Dec 2022 13:21:15 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 6AB8
365 B
277 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=7116069345352558285&bl=boq_subscribewithgoogleclientserver_20211208.11_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=48076&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cae32e1f470d1fd51d427afdd20efc87fd94dc2bfdcc81367343e3585de6d29
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1... Frame 6AB8
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uewZWcn_Cs4.L.B1.O/am=AgAI/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5kfIQ74-8tGq-F-HAdYZnSquv4Qw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;iFQyKf:vfuNJf;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4167c604ee5a719f314eebb2329408b3ea76d3e72d09e113f155435e62444d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 12:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7293
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 00:01:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires
Sun, 11 Dec 2022 12:33:41 GMT
social
am-trc-events.taboola.com/folhadespaulo-folhadespaulo/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/folhadespaulo-folhadespaulo/log/3/social?route=AM:AM:V&lti=deflated&ri=d9a5e3edc57e7129e2d6e81951edf916&sd=v2_8449933edfcce857ea1da36380ccd948_7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a_1639401674_1639401674_CGoQovNUGLOx0Z_bLyABKAEwODib4wlAgYoQSNTI2QNQpOwQWABgAGiApKeijMutlDNwAA&ui=7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a&pi=/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml&wi=-2202179286897618769&pt=text&vi=1639401674931&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%22%2C%22rref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%22%2C%22sec%22%3A%22Cotidiano%22%2C%22aut%22%3A%5B%22Cristina%20Camargo%22%5D%2C%22img%22%3A%22https%3A%2F%2Ff.i.uol.com.br%2Ffotografia%2F2021%2F12%2F10%2F163912148861b30250d607c_1639121488_3x2_md.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=13%3A21%3A15.497&id=7197&llvl=2&cv=20211213-1-RELEASE&
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
163939379161b729ff948ad_1639393791_3x2_rt.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/13/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/13/163939379161b729ff948ad_1639393791_3x2_rt.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7be7240fe439aa6115b5aef3b2cc52c4cacb9d142ed557d41119988b34dcfff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
5426
edge-cache-tag
496674796946165511149060830146720152038,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
cache-tag
496674796946165511149060830146720152038,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
524
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/13/163939379161b729ff948ad_1639393791_3x2_rt.jpg
content-length
11696
x-request-id
84236aa2bbb3f9a29e60e86651474aeb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Mon, 13 Dec 2021 11:38:33 GMT
server
nginx
x-timer
S1639401676.512174,VS0,VE1
etag
"95dbcfc08c2d28c15fd82bf1e6f701d4"
x-served-by
cache-wdc5554-WDC, cache-dca12920-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
163935558461b694c0d5f08_1639355584_3x2_rt.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/12/
5 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/12/163935558461b694c0d5f08_1639355584_3x2_rt.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdd3ce298d44b81261b5e2156e9529a73c974f0ead62c84b28cf76861ab39dcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
6533
edge-cache-tag
600440007517325439827513321470823974504,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
cache-tag
600440007517325439827513321470823974504,586447576921672440320975332630694222884,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
609
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_190%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/12/163935558461b694c0d5f08_1639355584_3x2_rt.jpg
content-length
4638
x-request-id
bf05379480155e4222038e082053197c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Mon, 13 Dec 2021 11:22:42 GMT
server
nginx
x-timer
S1639401676.522102,VS0,VE6
etag
"ed4609c552ddac90c3dfbeb573e6ba19"
x-served-by
cache-wdc5573-WDC, cache-dca17755-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
63df62f2738a0e44d8a5e03fb6ab35e6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/63df62f2738a0e44d8a5e03fb6ab35e6.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3ab7be00229f1faecde852050b7076154c5e4033c5bec213f53c980f1192a647

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
923661
edge-cache-tag
548006195373340348353398967075055556666,615482631998333030663268896958846342773,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
496
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/63df62f2738a0e44d8a5e03fb6ab35e6.jpg
content-length
4860
x-request-id
49209087b3e2df3517c604de48b93345
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Thu, 02 Dec 2021 20:41:32 GMT
server
nginx
x-timer
S1639401676.536267,VS0,VE1
etag
"bfe40be6153eaaad8c81464dca000b8b"
x-served-by
cache-wdc5572-WDC, cache-dca17766-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
163891162761afce8bc9cce_1638911627_3x2_xl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/07/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/07/163891162761afce8bc9cce_1638911627_3x2_xl.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90de1fd7bbaa2cd236049300935f5b3bc306f51631361c7ae7305d84d82f836c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
472551
edge-cache-tag
483225441396282130296039230662988672220,615482631998333030663268896958846342773,29ecf9b93bbf306179626feeda1fab70
cache-tag
483225441396282130296039230662988672220,615482631998333030663268896958846342773,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
520
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/07/163891162761afce8bc9cce_1638911627_3x2_xl.jpg
content-length
4218
x-request-id
f9719d3d15eb9953bd1627f53ea54e54
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 07 Dec 2021 22:52:14 GMT
server
nginx
x-timer
S1639401676.544941,VS0,VE1
etag
"38c7a850ff29359ba3e7b95c8a204a5d"
x-served-by
cache-dca17734-DCA, cache-dca17780-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
163905125361b1eff50805d_1639051253_3x2_md.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/09/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/09/163905125361b1eff50805d_1639051253_3x2_md.jpg
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e46f6a4ea2ce525c84061e20456cfd0b6d784cec588c4f059edae62873845eaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
319011
edge-cache-tag
361025723071325577912646407369444050421,615482631998333030663268896958846342773,29ecf9b93bbf306179626feeda1fab70
cache-tag
361025723071325577912646407369444050421,615482631998333030663268896958846342773,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
77
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_130%2Cw_260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//f.i.uol.com.br/fotografia/2021/12/09/163905125361b1eff50805d_1639051253_3x2_md.jpg
content-length
4164
x-request-id
0165ed56e6f3b4847d82682137bb3c85
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 09 Dec 2021 12:18:41 GMT
server
nginx
x-timer
S1639401676.549667,VS0,VE1
etag
"1d9513b3323ed78bfc479cdc72031922"
x-served-by
cache-bwi5041-BWI, cache-dca17728-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
uol-icones-setas.eot
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/
24 KB
24 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.eot?2017
Requested by
Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=folha
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
1ae8bbb7baf2bcf96f7e2cf9a63b11603ce80e344d19425d4f93241a95fee40e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
last-modified
Thu, 29 Jun 2017 15:57:04 GMT
server
nginx
age
49071
etag
"5ed0-5531b5a13742c"
access-control-allow-methods
GET, HEAD
x-varnish
2151628762 2146975187
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
application/vnd.ms-fontobject
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
24272
expires
Mon, 12 Dec 2022 23:43:25 GMT
uol-text-regular.eot
stc.uol.com/c/webfont/projeto-grafico/uol-font/
18 KB
19 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.eot?v5
Requested by
Host: jsuol.com.br
URL: https://jsuol.com.br/barra/parceiro-async.js?parceiro=folha
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
80aaf8f87007d51ed26c959e07b74357f73f280e7a4f17869a92fd1c73bdd2db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
last-modified
Tue, 03 Nov 2020 20:43:38 GMT
server
nginx
age
49075
etag
"49bd-5b339ead6b44d"
access-control-allow-methods
GET, HEAD
x-varnish
2151628761 2146974723
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
application/vnd.ms-fontobject
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
18877
expires
Mon, 12 Dec 2022 23:43:21 GMT
uol2021_completo_white_178x64.png
imguol.com/c/_layout/v3/logoUOL2021/
3 KB
3 KB
Image
General
Full URL
https://imguol.com/c/_layout/v3/logoUOL2021/uol2021_completo_white_178x64.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
7e2f04029abafb1d17957d7301479ebd6627314236cf3b7800592f1d6c34c501

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
last-modified
Thu, 25 Mar 2021 21:02:24 GMT
server
nginx
age
18312602
etag
"22b153663c1321a3450f672a1ea0a85d"
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-varnish
809982585 801115547
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
2634
expires
Sun, 15 May 2022 14:31:00 GMT
mercurio.js
tm.jsuol.com.br/modules/ Frame 9452
4 KB
2 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/mercurio.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:f800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:38:46 GMT
content-encoding
gzip
age
2549
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
1065
access-control-allow-origin
*
last-modified
Wed, 28 Apr 2021 17:51:10 GMT
server
marrakesh 1.16.6
etag
bed0a7a707f166936e5aaac09879d050
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
6kjhvcKAG7IPn_zt8aiTjwIsrxVceQk-ngO-xlBnlV_yjjKp0if9vg==
expires
Mon, 13 Dec 2021 13:38:46 GMT
uol-text-regular.woff
stc.uol.com/c/webfont/projeto-grafico/uol-font/
26 KB
26 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff?v5
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee

Request headers

Referer
https://www1.folha.uol.com.br/
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
last-modified
Tue, 03 Nov 2020 20:43:53 GMT
server
nginx
age
59151
etag
"663f-5b339ebbb947f"
access-control-allow-methods
GET, HEAD
x-varnish
4294049574 4287774905
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
application/font-woff
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
26175
expires
Mon, 12 Dec 2022 20:55:24 GMT
uol-icones-setas.woff
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/
24 KB
24 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.woff?2017
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3102:405:ffff:ffff:ffff:7 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc

Request headers

Referer
https://www1.folha.uol.com.br/
Origin
https://www1.folha.uol.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
last-modified
Thu, 29 Jun 2017 15:57:04 GMT
server
nginx
age
59013
etag
"5e40-5531b5a137468"
access-control-allow-methods
GET, HEAD
x-varnish
4294049573 4287793556
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
application/font-woff
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
24128
expires
Mon, 12 Dec 2022 20:57:42 GMT
tbp
15.taboola.com/
6 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1c708625bb2a329a0974ba90a387d99441cbb897f1a197ae120f34dda355809a

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
access-control-allow-origin
https://www1.folha.uol.com.br
machineid
1415
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19120-FRA
pragma
no-cache
server
nginx
x-timer
S1639401676.561689,VS0,VE31
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ee77167c72fc4e07f262fc4f32da1e47.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0617cbdf093c2737bddd28c2a414820fff8ffb6b5e7d0912f5265a3b3c94b84a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish, 1.1 varnish
age
1049637
edge-cache-tag
302167877995139201708585044388758779315,469003076724496694020487778216065093704,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
129
expiration
expiry-date="Wed, 08 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_115%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee77167c72fc4e07f262fc4f32da1e47.png
content-length
8448
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 07 Nov 2021 13:42:28 GMT
server
nginx
x-timer
S1639401676.561850,VS0,VE1
etag
"05f27274c5c589e954bfff0c5417755f"
x-served-by
cache-bwi5071-BWI, cache-dca12929-DCA, cache-fra19120-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1053640304776220&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=b7b38ced48d4f66b8896e643f6b3f20d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
1X2jiQTeUs+pTuScxl6jrLS5sDAkhyO/DjXvTaJLTP4Yd+2nt0kRBwhteCa0cbpfqduiYTIw+h3WXKJyRchzaA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Mon, 13 Dec 2021 13:21:15 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
profile
tt-12340-4.seg.t.tailtarget.com/
92 B
500 B
Script
General
Full URL
https://tt-12340-4.seg.t.tailtarget.com/profile
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via
1.1 google
cache-control
private, proxy-revalidate
content-type
application/x-javascript
alt-svc
clear
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/
348 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 13:21:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
83 B
102 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
949576dcfca2db939a5e009ce87a656402a886c6112f05426096ed6c4bb42eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:15 GMT
get-consent
disclaimer-api.goadopt.io/api/tag/
140 B
826 B
XHR
General
Full URL
https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by
Host: tag.goadopt.io
URL: https://tag.goadopt.io/injector.js?website_code=94ba61d5-3f5e-4627-b7b8-2365d5a3787e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a89ea1b8cf0d6ac823b99b937074663c7222c0b8f423734df2b4b22f01394389

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
br
vary
Origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"8c-iWDlXFaNMfbHsOrD/d7NQrbnV0s"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
5
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5r7NyXs%2F6VULutW8AxqfV3m2%2Bk275CmUkVetswbZxxZ2XWBN27MxoNhDyaTZBeUQ68%2FeXFuL2NTQMjDox1NqrW7x5sazA774ibwF3d5x6A0o4GPD1YlS7P0sItvd%2BNb1066aqArqDmu1IayyVhHGYQOHBHtgfIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
cf-ray
6bcf7e986da2698f-FRA
access-control-allow-headers
Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent
embed_lib_v0.0.7.css
s16.tiktokcdn.com/tiktok/falcon/embed/
4 KB
2 KB
Stylesheet
General
Full URL
https://s16.tiktokcdn.com/tiktok/falcon/embed/embed_lib_v0.0.7.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-8.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
487ef1b1a657ab23c755ec06d8a38d0703dc9d03617b1dfbf017135211cc1fba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
50ec46
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a92-123-107-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
1326
last-modified
Fri, 17 Jul 2020 08:36:11 GMT
server
nginx
etag
W/"5f1162fb-e0c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=19542647
x-origin-response-time
1044,23.65.29.55
expires
Wed, 27 Jul 2022 17:52:02 GMT
embed_lib_v0.0.7.js
s16.tiktokcdn.com/tiktok/falcon/embed/
12 KB
5 KB
Script
General
Full URL
https://s16.tiktokcdn.com/tiktok/falcon/embed/embed_lib_v0.0.7.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-8.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
939770ea6517e7ba27e40e2c21dbeadd159778bfd4bb54d134c2eb288b7a8815

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
50ec48
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a92-123-107-8.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0
content-length
4522
last-modified
Fri, 17 Jul 2020 08:36:11 GMT
server
nginx
etag
W/"5f1162fb-2f44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15489990
x-origin-response-time
1108,95.100.155.39
expires
Fri, 10 Jun 2022 20:07:45 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.4/
98 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront), 1.1 varnish
age
1999078
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28757
x-served-by
cache-fra19120-FRA
last-modified
Sat, 20 Nov 2021 10:02:27 GMT
server
AmazonS3
x-timer
S1639401676.621606,VS0,VE0
etag
"818ebe9395490135acd5fbeb0c9df2e9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
piqiVnUDiaNQAr5dQlincjau1MqZrtkyzdR54dAy9NLZu6GfblXuyQ==
x-cache-hits
153690
prebid
ib.adnxs.com/ut/v3/
138 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f3fd9ceda41e1e915b4938ebada265a9e28c23c922a66d0a1a1b9f89a3ee41cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c1201ff1-8ea1-4241-84a7-8fe9ba26ff4a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
play.google.com/ Frame 6AB8
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:15 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 13 Dec 2021 13:21:15 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Dec 2021 13:21:15 GMT
cache-control
private
log
play.google.com/ Frame 6AB8
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:15 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 13 Dec 2021 13:21:15 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Dec 2021 13:21:15 GMT
cache-control
private
log
play.google.com/ Frame 6AB8
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:15 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 13 Dec 2021 13:21:15 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Dec 2021 13:21:15 GMT
cache-control
private
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/
4 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 varnish
age
4289495
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19120-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1639401676.631395,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
Sk-dQ-vXqlkymfouDYO0ROLJleZN_EmWEBrNrUZpeGf8tabSmNbJwg==
x-cache-hits
1027849
log
play.google.com/ Frame 6AB8
131 B
672 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.4eSN_71pnvk.es5.O/am=AgAI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI5L3LLXZ0Fgis6GByEmucK6c1cajA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:15 GMT
settings
syndication.twitter.com/ Frame E7A7
232 B
448 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=9c6103f7a77b4c00c1709244e97533ce97457c6d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww1.folha.uol.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time
107
date
Mon, 13 Dec 2021 13:21:14 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:21:15 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
afcb5ee5c1fbf13ec3f7bd7177248ed9d71d571e85e0b7c739b694385d02af06
content-length
166
loading-alternate.gif
f.i.uol.com.br/folha/furniture/5.4/images/
714 B
1 KB
Image
General
Full URL
https://f.i.uol.com.br/folha/furniture/5.4/images/loading-alternate.gif
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
d4632051f15257ef10881ff1175bfc524a8f9e520d4258f9cd491bba0d6778c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Wed, 18 Sep 2013 22:39:41 GMT
server
nginx
age
99514582
etag
"2ca-4e6b01cf08540"
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-varnish
2667045196 2659963227
x-cache
HIT
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
714
expires
Fri, 19 Oct 2018 18:24:44 GMT
comments.svg
f.i.uol.com.br/hunting/folha/1/common/icons/
297 B
677 B
Image
General
Full URL
https://f.i.uol.com.br/hunting/folha/1/common/icons/comments.svg
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-news-4133b436a6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
adb416a0f7956ee11dcf06d4ba66bbcbfb46c1aca567e180a3e9f6c67c8d882c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Tue, 07 Mar 2017 20:41:34 GMT
server
nginx
age
121966645
etag
"129-54a2a099e3b80"
access-control-allow-methods
GET, HEAD
x-varnish
2667045197 2659971207
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
image/svg+xml
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
297
expires
Thu, 31 Jan 2019 21:43:42 GMT
like.svg
f.i.uol.com.br/hunting/folha/1/common/icons/
386 B
766 B
Image
General
Full URL
https://f.i.uol.com.br/hunting/folha/1/common/icons/like.svg
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-news-4133b436a6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
5573265870e5b5354cf67f7ddd4cfdb3c86adff26553e1920194918cef66ff4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Tue, 07 Mar 2017 20:41:34 GMT
server
nginx
age
121935949
etag
"182-54a2a099e3b80"
access-control-allow-methods
GET, HEAD
x-varnish
2667045198 2659971208
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
image/svg+xml
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
386
expires
Fri, 01 Feb 2019 06:15:32 GMT
flag.svg
f.i.uol.com.br/hunting/folha/1/common/icons/
205 B
584 B
Image
General
Full URL
https://f.i.uol.com.br/hunting/folha/1/common/icons/flag.svg
Requested by
Host: static.folha.uol.com.br
URL: https://static.folha.uol.com.br/storybook/css/portal-news-4133b436a6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:405:ffff:ffff:ffff:20 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
19bdc557340842c66c90953f04cc2f60370ae237353ec0812268b535d60667ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
last-modified
Tue, 07 Mar 2017 20:41:34 GMT
server
nginx
age
121966672
etag
"cd-54a2a099e3b80"
access-control-allow-methods
GET, HEAD
x-varnish
2667045199 2659971209
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
x-cache
HIT
content-type
image/svg+xml
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
content-length
205
expires
Thu, 31 Jan 2019 21:43:42 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
262 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=02ae4cd4-9f17-43dd-adf0-7e1cfe8f2bc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31106774153245875
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
96606c8a8b58499f142c84f6b2d56ce20095c41b0cd50594ff6dc80c7d369443

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
138 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
13adb8c3d1794ac1fc460227e6b0ec385477a8faa6bdc410258464c6fcadd705
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
80c2102c-31e7-4a5c-923c-5a94099c09b3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_billboard2&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
cac13dc2bb4b603ce92aaff5fcb4d1d6aab5a3357e87bb66d75755d4d8cf6c78

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
ADTECH;v=2;cmd=bid;cors=yes;alias=1167077f0cb0a08;misc=1639401675710;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198190/0/0/
0
0

prebid
ib.adnxs.com/ut/v3/
138 B
825 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6f06be3f09a5e4d5f0c0fb0b9c38c0e7ea5de6d852841ffc576fbbc9896ade12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9260f8d-94b1-47a1-abdb-6cff9d6dcf84
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=204641eeb4d629a;misc=1639401675713;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147073/0/0/
0
0

bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_billboard1&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6f9339e8087dbb07d2ef630f740e83a576c4d914ff71f9401bc3798b82d5e17f

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/
262 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=dfe9ff67-a458-4481-834f-8fd4b4891394&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.48814103703493306
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fd71b49b9265833c0089f19d4b3b01df7368504636b840abd582a3aca7b22409

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
262
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
297 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_halfpage2&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fb46933a19e891f12ddd91564c8dab071f4e52f0fb7bc1831bb5daa138268fbe

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
ADTECH;v=2;cmd=bid;cors=yes;alias=29b84809408a0dd;misc=1639401675716;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198191/0/0/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=d9aa3d70-e1a0-45d1-acb8-a258c622a2a7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8554437324661321
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6aa3bb1654ed0b4d7042dc38187b2cf1bbed6ee16fb3dbb900c1a0c083fa8493

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
826 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9bad234cd4ed6c1df185cd5d903315fdfd0893795a9650e40be8de4dc9a5a993
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cffc04ca-da8e-4a93-a249-1e005d37ee70
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_halfpage1&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
fe6f2f49871d5a611da36647c78cfb182f2ab3dc3ca042d67f22e8f8938ad239

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
ADTECH;v=2;cmd=bid;cors=yes;alias=38cbde257563994;misc=1639401675719;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147074/0/0/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=15&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=88b3a252-0f52-41cd-aa0f-2e91429299e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3857329204486355
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
70dbe5ebcdb8b55d9de74158f2ef7b2772b2a6a0a7143d60d72709020b81f0ac

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
137 B
824 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
96fd2ff90b845a85a793105940f32d9deddba89b5f4d79916e727abc98a72455
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:15 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2fd91107-f939-44e5-aa7f-cd6c1929110e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
38 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2416324755582873&correlator=4204222532067920&output=ldjh&impl=fifs&eid=31063256&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27954005%2Cfolha%2Ccotidiano&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=campaignuol%3D0%26group%3D5%26keyword%3Dcoronavirus%26pos%3Dnative_relacionadas%26native%3D0&eri=1&cust_params=t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%2520folha%2520uol%2520com%2520br%2520cotidiano%25202021%252012%2520sites%2520do%2520ministerio%2520da%2520saude%2520e%2520do%2520conecte%2520sus%2520saem%2520do%2520ar%2520apos%2520suposto%2520ataque%2520hacker%2520shtml%2520utm%2520source%2520twitter%2520utm%2520medium%2520social%2520utm%2520campaign%2520comptw%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1639401675&dt=1639401675796&dlt=1639401673194&idt=2493&frm=20&biw=1600&bih=1200&oid=2&adxs=1279&adys=1473&adks=3860793594&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x27&ga_vid=1305299269.1639401676&ga_sid=1639401676&ga_hid=589848899&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
23e695a008f7090011a9b9ba81c97968fdf955774e41835ab4986d05708f7edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14357
x-xss-protection
0
google-lineitem-id
5842123665
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373266169
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1FAA
6 KB
4 KB
Document
General
Full URL
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 13:21:15 GMT
expires
Tue, 13 Dec 2022 13:21:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
st
imprammp.taboola.com/ Frame E153
0
55 B
Document
General
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=6BA07D7679544977981428414634&cicmp=1337627&cijs=1&dast=V7Hb8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzZhEHYj3my3XI1Gy91uudstNpPVYLTbLSFhFovFaDJbDadgsIXP6e5ugweaTofPda_X_X6PucxvNjrsqr_ZrvG77RLLXw4AAAAADwBELdEQO74N7REAAAAAEjwj1woUARX_FgIXAAAAABgABGLhGgBQHAnytPs8R5fT7Q8AgAcFEAAAAYwQADFlIhEAAACAEQAAAAASAIHEwhIAh7tFEwCAgL5Z-q2UEwAAgIM6madtlv____8YgLz3JhkAirSNG4MegAcfgAchAACAj6HiWpamUVzoDaKCwyJGAAAAAKh3GcdHkzqhsqj6____twK4AgAI6Jul3xrKujkpZg0DAAAAGFugh8XvNzvsGr_bZf__________Zv9nAGhCQQAAaUD49cNqPCPXCmu_gAAAbO8GAPAmABdzAHYAAAAAd_____95AAAABXuUbK_VePYo630GW_ic7u76TdhitJpMNsvhbLmYDIaj4Wi0P4GcDXAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoN8aDqXDqfV6fiwXxczn3twUeHmA3nisVyLlnNFcvlKgEAAAAAAAAALGHKvAkAAADAaRCz2WS3W3HjzZ4JYq1WyxoAAACAWzdy!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 varnish
x-served-by
cache-fra19120-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1639401676.822949,VS0,VE323
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6010/infra/
604 KB
112 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish
age
1728027
x-amz-meta-mtime
1637665336
x-cache
HIT
x-amz-meta-ctime
1637665337
x-amz-meta-mode
33188
content-encoding
br
content-length
114684
x-amz-id-2
iF3qld1WqoeygCeQpdaFa+EQVmhpaiaohRe/EupfEYSsTvoJINgnm3yf8wLx9uki1i/isL7ddFk=
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:18 GMT
server
AmazonS3-br
x-timer
S1639401676.822696,VS0,VE0
etag
"c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
ZP8746523R7Q6FF1
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
322331
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/
61 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 varnish
age
1728027
x-amz-meta-mtime
1637665346
x-cache
HIT
x-amz-meta-ctime
1637665346
x-amz-meta-mode
33188
content-encoding
br
content-length
8011
x-amz-id-2
CtITlMy77Lcjw4HBAq3TIQNOXW8jqT4nEWw8ttaNJizEjFaTrESC9kGQgxzCFYhFYpS/2r8UE6w=
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Tue, 23 Nov 2021 11:02:27 GMT
server
AmazonS3-br
x-timer
S1639401676.822820,VS0,VE0
etag
"35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
ZP8F7E6K4KA641TM
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
303890
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/folha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6381
date
Mon, 13 Dec 2021 11:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 13 Dec 2021 13:34:54 GMT
PMS.js
vidstat.taboola.com/PMS/2.2.1/
51 KB
16 KB
Script
General
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
1044438
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19120-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1639401676.891635,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
hYmlhwUcMuy_jY0bhHen0eQYADyDybzLMR7x7dl3LWMvtY6DtLOx0A==
x-cache-hits
171022
container.html
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 68C2
6 KB
3 KB
Document
General
Full URL
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 13:21:15 GMT
expires
Tue, 13 Dec 2022 13:21:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:00:44 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1231
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
5VvD8JFBWUqpOTLHHBm5t2SELrGJcY5mS7-eAZKSABvIA_tc_gVp6A==

Redirect headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-cs/default/beacon.js
content-length
52
x-amz-cf-id
Ns1f1fmz0FmxPiDcYMDR6YT21FnlQ9UMdH-LDtjRMWd7pHp98vbVcA==
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=589848899&t=pageview&_s=1&dl=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6ChACEABBAAAAC~&jid=1515653818&gjid=1131398810&cid=1305299269.1639401676&tid=UA-96904972-1&_gid=1501912263.1639401676&_r=1&_slc=1&cd1=Conteudo&cd2=Folha&cd3=Folha&cd13=cotidiano&cd16=1718743151970908&cd14=cristina%20camargo&cd15=covid-19%2C%20coronavirus%2C%20virus%2C%20ministerio-da-saude&cd12=none&cd11=none&cd9=none&cd10=none&cd8=none&cd4=1305299269.1639401676&cd66=1639401675938.tlkq8o3k&cd85=none&cd87=none&cd88=none&z=1981900130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/
8 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:15 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
1258600
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19120-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1639401676.993408,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
1448441
publicidade.ads.js
static.folha.uol.com.br/paywall/js/1/
21 B
315 B
Script
General
Full URL
https://static.folha.uol.com.br/paywall/js/1/publicidade.ads.js
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
93905108575b6a3e41fef12487cc0a0798f17025afc145fead2f71eea98515a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
via
CacheUOL
last-modified
Mon, 26 Apr 2021 22:11:22 GMT
server
nginx
age
5327
etag
W/"a776ce-15-5c0e76cfc3680"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-varnish
2389229 491601
content-encoding
gzip
expires
Tue, 13 Dec 2022 13:21:16 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-96904972-1&cid=1305299269.1639401676&jid=1515653818&gjid=1131398810&_gid=1501912263.1639401676&_u=6ChACEAABAAAAC~&z=499833098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 13 Dec 2021 13:21:16 GMT
content-type
text/plain
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprammp.taboola.com/ Frame C8D5
742 B
498 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=undefined&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=69386F3D2421836778485743525&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 varnish
x-served-by
cache-fra19120-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1639401676.025804,VS0,VE18
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 8A2F
742 B
827 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

server
nginx
date
Mon, 13 Dec 2021 13:21:16 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3403
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=31589837&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1639401672167.5!ts:1639401676020&mntl=1
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-length
0
server
nginx
wfab3cziarj38ir2xhww.mp4
c3.taboola.com/libtrc/static/video/v1630957451/
140 KB
141 KB
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/v1630957451/wfab3cziarj38ir2xhww.mp4
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1928dc2b2ee127bbc7cbd955ec925315d8fbf150e1db4bea35263b0bb0afc98d

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
64Onu629rmuV.GHcLbrEFgJCVWQNJ4.F
via
1.1 varnish
etag
"5ccee7454c6fb2cfc9217b5bf6b7dd6e"
age
0
x-cache
HIT
Content-Range
bytes 0-143553/143554
x-amz-replication-status
COMPLETED
Content-Length
143554
x-amz-id-2
dHih6vNPozL3Ae5ehcLOE5pse5xTMd3IgLDsVcR0S3SIPWupnNTYUY5bFNIut0UqQzX8/5jX3hU=
x-served-by
cache-fra19120-FRA
last-modified
Mon, 06 Sep 2021 19:44:16 GMT
server
AmazonS3
x-timer
S1639401676.036501,VS0,VE1
date
Mon, 13 Dec 2021 13:21:16 GMT
x-amz-request-id
8ZZ031XSHWN0XS9W
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
78
x-cache-hits
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 68C2
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 11:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 11:17:15 GMT
app.min.css
estudio.folha.uol.com.br/ads/css/ Frame 68C2
346 KB
53 KB
Stylesheet
General
Full URL
https://estudio.folha.uol.com.br/ads/css/app.min.css
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:319:430::339 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
9bf1b2c2494272121524a6c7d3f3b94c1e10783ca0535cf65255209d64f88b4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
age
4
x-cache-status
BYPASS
x-cache
HIT
content-length
53441
last-modified
Fri, 02 Oct 2020 16:06:35 GMT
server
nginx
etag
"56991-5b0b2511bd8c0"
vary
Accept-Encoding
x-varnish
209157244 235277973
via
CacheUOL
x-cache-ssi
/ads/css/app.min.css
x-server
2
accept-ranges
bytes
content-type
text/css
10847698353611643597
tpc.googlesyndication.com/simgad/ Frame 68C2
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10847698353611643597?
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d10c2f0d9e8bcbb8443e0a854e165c1064b205fa2b8a135c50e34f81944a202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 03:39:22 GMT
x-content-type-options
nosniff
age
380514
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14221
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 14:43:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Dec 2022 03:39:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 68C2
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:21:16 GMT
b
sb.scorecardresearch.com/
0
335 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1639401676041&ns_c=UTF-8&c7=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&c8=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&c9=https%3A%2F%2Ft.co%2F
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
nVeK1UfviMjB-pHbkcWlB000GVqYdADMaz1S2C8XSuZ5sc6_pn-R7A==
x-cache
Miss from cloudfront
fc66e704-c78b-4a48-8294-8581a0dedf49
https://www1.folha.uol.com.br/
1 KB
0
Media
General
Full URL
blob:https://www1.folha.uol.com.br/fc66e704-c78b-4a48-8294-8581a0dedf49
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
b881064d-2e85-4054-9ceb-f69216c8023b
https://www1.folha.uol.com.br/
1 KB
0
Media
General
Full URL
blob:https://www1.folha.uol.com.br/b881064d-2e85-4054-9ceb-f69216c8023b
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96904972-1&cid=1305299269.1639401676&jid=1515653818&_u=6ChACEAABAAAAC~&z=743323365
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-96904972-1&cid=1305299269.1639401676&jid=1515653818&_u=6ChACEAABAAAAC~&z=743323365
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 8A2F
43 B
182 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:3ca:5412:4ba5:20da Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8A2F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 8A2F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
0
229 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10578

Redirect headers

Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame C8D5
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=undefined&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=69386F3D2421836778485743525&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame C8D5
43 B
183 B
Image
General
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=undefined&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=69386F3D2421836778485743525&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:3ca:5412:4ba5:20da Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C8D5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
0
229 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66518135&crid=6356265&dast=V7DtUCFgNkcd9ksdK9zgRkcd9ksdK9zgUAAAAGBvQHG7bcDGczzogymiyGm9luNxwNV7vRZjVZDWHDlpvhbMYZUUaTxXAz2-12i9VmNdiNNsMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW8ITETT6fC57vW63-8xl_nNRodd9TfbNX63XWL5a_ymp8npsPv9ksFksVdM9pqn6eV5i_xutdPu9JxelqffLXK4NQ_XyeVWuUV-t8Zvd3lML7fm9XlrHi63W-R3KyxvheHveWteh7_n9HcrTA_H6-UWOjxel-WuOZreZjsAAAAAPACA9adA_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKDQ-aQBAcSTI0-7zHF1Otz8AAB4UQAAABDBIAA56P0sAWjI7TwAAAAAAAAAAWP7___9jBuz572QG-ldSegAefAAeiApWixgBAAAAoN5lHB9N6oTKogoAgCDdCuAKACCgb5Z-KyAMAACAQExNsy7m113rcGyBHha_3-ywa_xulwEAAAAAAAAAmP2f_aMJBQEApAHh1w-r_QICAKz9AgIAsKkbAMCbAFzINaDpdPhc93rRXeP3i46gFYPB6hRis1wMFoPlcjk7AAAAgLv___9_PDXNuphfd61DPRAcjZbLzWZlsnk8LuNqt3I4Rg7PbDMcbDwm52i4PXiQkMgIY5vhvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTyNkAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhbmMxLUaj1VpiG3ncosXC5ZaYRs61bjcymRau4XAwMqxFr4_pODFsXKaFFQ_m43LuaxcuCgYQ7kVwkU5kfrPRYXJ5Dg_X2e-W-c1Gh8nlOTxcZ79FLNGcLNKJ7LIvjkbL5WazMtk8HpdxtVs5HCOHZ7YZDjYek3M03Pc2FtNiNFqtJbaRxy1aLFxuiWnkXOt2I5Np4RoOByPDWvT6mI4Tw8ZlWvgbs81yNFjMdqN9Y7ZZjgaL2W607_D4jr7tzuqR-cTDtF8xMx8ULoPF-5OYFtPu7OA5-45OndSkLOqMwp_36DUoPAeP6SB8WU6rm3U6m-i8B4MilghOF-lE9DKeLmKJ5GmRThSrhWFjsm0Wi5FzZFu4DMPJyDfaLCwWk2232S0mYonSdJFO9Bq_6WlyOux-v2QwWewVk73maXp53iK_W-20Oz2nl-Xpd4scbs3DdXK5VW6R363x210e08uteX3emofL7Rb53QrLW2H4e96a1-HvOf3dCtPD8Xq5hQ6P12W5a46mt9mi_qNDzIZzxWI5l6zmiuVylQAAAAAAAAAAljBn3gQAAADgNKjBbrJcLRegIkdUFxgEAAAAAABgNxwuaRPGF_K1uPHjDfObjQ6Ty3N4uM5-t8xvNjpMLs_h4Tr7rQxQgbPHvNkzQazValkDAAAIYAMAAARw6-YtILySAw!&cmcv=&pix=undefined&cb=1639401676020&uv=101685172&tms=1639401676020&abt=adh5c-1_vA!ecp_vC!eidc_vB!iiqd_vA!iiqd_vB!pl102079-002_vC!scec9_vB!spa2_vA!t45!ufm_vE!ul101685-172_vA&ru=https://t.co/&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=69386F3D2421836778485743525&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10578

Redirect headers

Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=8d036f86-5c17-11ec-99b0-1093d7b30206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 68C2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIC6qDnxRGoqmtV5xAGbAvTl0L2QTtDzDco_G8aGTMH71_f3V9jSMeXslQtwKKx5sqv1sMDicoKf9gifwHcc8u41KCLYduM87t2-9CeliyTY8fyaUsT0WR_X1fK1qkTSGjyhKKt0xmvs2Em0Zji316rsvV_XtYr4AOHW4hOH19erBqnq8LrWS5EkRdbWtSezIS1yjWlFEDoqNEokVy67AVfqrB12hRCDKws_TRbXRQ-IEOtsyKRdJkFyNvhMcdjg-Wv1AYmWJs69nxm0-t565IIBIJNAhDKcDWwq3Poy1bhUqGt02aC8cafzJ6oOn6pi98TduE&sai=AMfl-YT5aEJyJqsTikwoUNvP1gFVJZacPIyVFaWh6rfxpikiLw8m_4fGlJNQ57_44eWc7fGTnX8D5GDZVLKBxvQJg7ZSaicCmpktx97qbvE9GxmvRl7SciL7N36S9wPHl0c8&sig=Cg0ArKJSzNxLLb91cw5gEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 13:21:16 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_retangulo2&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
da347fabb14e2490788cbcd14ea24dcaed86736124fa2ddfa5451291e49e663c

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/
139 B
826 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
aad65e7b2efb171d16e1120f07bc5ee7a9209d0d886dd67cb5adec5183b1dcad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:16 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3c1e90a2-4e8f-463f-a56b-ec88c3c74b17
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
702 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=15&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=c78a5dda-f708-42d4-9af9-0ff845608213&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23226075997900675
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
05014e9ba9ecf14d040f591869688725c5d1c114366aff20d966133612c5298b

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5543533419988e7;misc=1639401676134;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198192/0/0/
0
0

integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
702 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15900&site_id=108004&zone_id=714882&size_id=15&rf=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&tk_flint=pbjs_lite_v4.43.4&x_source.tid=dbb6f6d3-292c-4192-badd-230eeb58d55a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06974345318475761
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
13866116cfae36aacc431fe8d72a1ac6353a0436dcd42da11981b41ccf548a14

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:16 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
115 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edbf5e97b0053&pos=cotidiano_retangulo1&cmd=bid&secure=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3782eb9d6004503d7bcbc3f945fa39281eb6c35cbf51cd86edfb68ad6255dc3f

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www1.folha.uol.com.br
access-control-allow-credentials
true
content-length
62
prebid
ib.adnxs.com/ut/v3/
139 B
826 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d98131bed30c97894a8469ba0ee8a21e796ceb0686143245b644b27ce4458eb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:16 GMT
X-Proxy-Origin
168.119.25.199; 168.119.25.199; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
26188026-2973-44e7-8dfc-9bc897d23bb4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www1.folha.uol.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5639764cb93ab1d;misc=1639401676145;
adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147072/0/0/
0
0

ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2416324755582873&correlator=434299242361669&output=ldjh&impl=fifs&eid=31063256&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27954005%2Cfolha%2Ccotidiano&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=campaignuol%3D0%26group%3D5%26keyword%3Dcoronavirus%26pos%3D300x600_top%26native%3D0&eri=1&cust_params=t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%2520folha%2520uol%2520com%2520br%2520cotidiano%25202021%252012%2520sites%2520do%2520ministerio%2520da%2520saude%2520e%2520do%2520conecte%2520sus%2520saem%2520do%2520ar%2520apos%2520suposto%2520ataque%2520hacker%2520shtml%2520utm%2520source%2520twitter%2520utm%2520medium%2520social%2520utm%2520campaign%2520comptw%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3Daa1660bdd9abcb3f-2277ad1e05cd00ef%3AT%3D1639401675%3AS%3DALNI_MaP3Tm4pdeV2WM0TuV2kqStQY_62Q&bc=31&abxe=1&lmt=1639401676&dt=1639401676165&dlt=1639401673194&idt=2493&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=2268&adks=2679765418&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x27&psts=AGkb-H9irKhRJEmPqlfX56kVVK3Jp_pOM7VglqqIYvsLTBIyV67I6CZ4imS7gUwNwBQwx25C68lmFlmr1fhXgUw8&ga_vid=1305299269.1639401676&ga_sid=1639401676&ga_hid=589848899&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
22282658b48cf670d2a4a37cc70aa2cc7a66108de851aff58b096fb4b747748b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9286
x-xss-protection
0
google-lineitem-id
5848439216
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373919008
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
20 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2416324755582873&correlator=4223724980499637&output=ldjh&impl=fifs&eid=31063256&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27954005%2Cfolha%2Ccotidiano&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x150%7C970x250%7C1190x150%7C1260x250%7C1290x250&prev_scp=campaignuol%3D0%26group%3D5%26keyword%3Dcoronavirus%26pos%3Dtop%26native%3D0&eri=1&cust_params=t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%2520folha%2520uol%2520com%2520br%2520cotidiano%25202021%252012%2520sites%2520do%2520ministerio%2520da%2520saude%2520e%2520do%2520conecte%2520sus%2520saem%2520do%2520ar%2520apos%2520suposto%2520ataque%2520hacker%2520shtml%2520utm%2520source%2520twitter%2520utm%2520medium%2520social%2520utm%2520campaign%2520comptw%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3Daa1660bdd9abcb3f-2277ad1e05cd00ef%3AT%3D1639401675%3AS%3DALNI_MaP3Tm4pdeV2WM0TuV2kqStQY_62Q&bc=31&abxe=1&lmt=1639401676&dt=1639401676168&dlt=1639401673194&idt=2493&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=218&adks=2229936766&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1290x90&msz=1290x90&psts=AGkb-H9irKhRJEmPqlfX56kVVK3Jp_pOM7VglqqIYvsLTBIyV67I6CZ4imS7gUwNwBQwx25C68lmFlmr1fhXgUw8&ga_vid=1305299269.1639401676&ga_sid=1639401676&ga_hid=589848899&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9c49f5cd368f0f7f98510bcfaa2a4fedb74d348b9e5532a36a25ddcc8b1dffdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9701
x-xss-protection
0
google-lineitem-id
5848439216
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373919020
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wall.json
paywall.folha.uol.com.br/
1 KB
2 KB
Fetch
General
Full URL
https://paywall.folha.uol.com.br/wall.json?env=folha&register=no&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&referrer=https%3A%2F%2Ft.co%2F&hab=no&_=1639401676220
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx / PHP/5.3.3
Resource Hash
42f77311fdc406b042f64b5fb676ac486558f908062e4859a74b396540579e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
server
nginx
x-powered-by
PHP/5.3.3
content-type
application/json; charset=UTF-8;
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
1408
expires
Thu, 19 Nov 1981 08:52:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2416324755582873&correlator=3582123582320719&output=ldjh&impl=fifs&eid=31063256&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27954005%2Cfolha%2Ccotidiano&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=campaignuol%3D0%26group%3D5%26keyword%3Dcoronavirus%26pos%3D300x250_top%26native%3D0&eri=1&cust_params=t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%2520folha%2520uol%2520com%2520br%2520cotidiano%25202021%252012%2520sites%2520do%2520ministerio%2520da%2520saude%2520e%2520do%2520conecte%2520sus%2520saem%2520do%2520ar%2520apos%2520suposto%2520ataque%2520hacker%2520shtml%2520utm%2520source%2520twitter%2520utm%2520medium%2520social%2520utm%2520campaign%2520comptw%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3Daa1660bdd9abcb3f-2277ad1e05cd00ef%3AT%3D1639401675%3AS%3DALNI_MaP3Tm4pdeV2WM0TuV2kqStQY_62Q&bc=31&abxe=1&lmt=1639401676&dt=1639401676266&dlt=1639401673194&idt=2493&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=1418&adks=1904853990&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x27&psts=AGkb-H9irKhRJEmPqlfX56kVVK3Jp_pOM7VglqqIYvsLTBIyV67I6CZ4imS7gUwNwBQwx25C68lmFlmr1fhXgUw8&ga_vid=1305299269.1639401676&ga_sid=1639401676&ga_hid=589848899&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
305c2c70aab9f5f39bc8cf5ccf9083f5d8ae47e6290379c2f745b3454753511e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
google-lineitem-id
5848439216
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373919008
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html
s.dynad.net/stack/ Frame EA64
6 KB
3 KB
Document
General
Full URL
https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by
Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550010343;ord=0;click=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-187-199-64.static.uol.com.br
Software
Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-type
text/html
vary
Accept-Encoding
server
Apache-Coyote/1.1
cache-control
max-age=3600
x-dynad-assets
v2.421 Thessaloniki
expires
Mon, 13 Dec 2021 14:21:17 GMT
pragma
cache
last-modified
Wed, 08 Dec 2021 20:12:47 GMT
x-powered-by
DynAd.net 2021
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable
time remaining 125.000h
x-varnish
438900914 402255992
age
407310
via
1.1 varnish-v4
content-encoding
gzip
928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
s.dynad.net/stack/ Frame 29CF
53 KB
18 KB
Document
General
Full URL
https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by
Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550010343;ord=0;click=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-187-199-64.static.uol.com.br
Software
Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-type
text/html
vary
Accept-Encoding
server
Apache-Coyote/1.1
cache-control
max-age=3600
x-dynad-assets
v2.421 Thessaloniki
expires
Mon, 13 Dec 2021 14:21:17 GMT
pragma
cache
last-modified
Sat, 11 Dec 2021 12:42:54 GMT
x-powered-by
DynAd.net 2021
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable
maximal 144h instead of 356.000h
x-varnish
438652681 424643834
age
175102
via
1.1 varnish-v4
content-encoding
gzip
container.html
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E5A
6 KB
3 KB
Document
General
Full URL
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 13:21:15 GMT
expires
Tue, 13 Dec 2022 13:21:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0E5A
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 11:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 11:17:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E5A
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:21:16 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www1.folha.uol.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bulk
trc.taboola.com/folhadespaulo-folhadespaulo/log/3/
0
253 B
XHR
General
Full URL
https://trc.taboola.com/folhadespaulo-folhadespaulo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www1.folha.uol.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1639401677.507509,VS0,VE9
x-served-by
cache-fra19120-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/
20 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2416324755582873&correlator=522444515743176&output=ldjh&impl=fifs&eid=31063256&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=27954005%2Cfolha%2Ccotidiano&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=campaignuol%3D0%26group%3D5%26keyword%3Dcoronavirus%26pos%3D300x250_middle%26native%3D0&eri=1&cust_params=t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%2520folha%2520uol%2520com%2520br%2520cotidiano%25202021%252012%2520sites%2520do%2520ministerio%2520da%2520saude%2520e%2520do%2520conecte%2520sus%2520saem%2520do%2520ar%2520apos%2520suposto%2520ataque%2520hacker%2520shtml%2520utm%2520source%2520twitter%2520utm%2520medium%2520social%2520utm%2520campaign%2520comptw%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie=ID%3Daa1660bdd9abcb3f%3AT%3D1639401675%3AS%3DALNI_MYKJPJDwjVP7a85ZgF33dTWVx_6WQ&bc=31&abxe=1&lmt=1639401676&dt=1639401676507&dlt=1639401673194&idt=2493&frm=20&biw=1600&bih=1200&oid=2&adxs=1145&adys=2068&adks=1145118830&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x27&msz=300x27&psts=AGkb-H9irKhRJEmPqlfX56kVVK3Jp_pOM7VglqqIYvsLTBIyV67I6CZ4imS7gUwNwBQwx25C68lmFlmr1fhXgUw8%2CAGkb-H9V2WJmQtUEThUP0wVI6U_LMwMHzy5HlWgI1ugCaGBRfpheygV9EzWcPjagNxV_Uyb1t2xS5h33XXPVVqnr%2CAGkb-H8if1Hm_-opL3O_E1LrxP6VXSXBmlPiw0Y7co6pYKgGHIAL_y1WQSZwckkprFkT6kNgaNioXIZbBhyZJsf1&ga_vid=1305299269.1639401676&ga_sid=1639401676&ga_hid=589848899&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
61c510f44bb9effc293f9d7e0716b4f25e0458c255e6ad4cc1265f5d967e5774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9195
x-xss-protection
0
google-lineitem-id
5847910744
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373451198
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=589848899&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=paywall&ea=a_test&el=not_logged&_u=6ChACEABBAAAAC~&jid=&gjid=&cid=1305299269.1639401676&tid=UA-96904972-1&_gid=1501912263.1639401676&cd1=Conteudo&cd2=Folha&cd3=Folha&cd4=1305299269.1639401676&cd66=1639401676525.gujpadlb&cd85=none&cd87=none&cd88=none&z=2130948664
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Dec 2021 22:16:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54272
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E5A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteP6jNZySZd8tR-ppprx7wDNYiArIO6mvIOiDbsXrVOddQYEjDYcoG8wzxJN7VGJ-k6U7nMnwbXjW1wdfuXMxWgmXjZUgCE5hUD2N6kddqwkRhWrM8U00vjoq9H6JIdBaIP2h-EPSTD1xAL0mLMWi65kARzY4lsQALqX7GSCv0Ou4ZCfB4iQdI38wA4ANj6-q3PdXjFWm1-mWdTL-uVJAUExPbjZBpu3pi5m1fNmOf9duM8wmIMqBbr8GhvB9EzM6hBO9KXSSuX3Wp5Nt6NQt_H78XftxlCuT1FIERiNC3o4Gpi_kLKwoCYqSXj1QIPXMxhrdI6A&sig=Cg0ArKJSzJqY1y22aAhPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_video
www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/ Frame 0E5A
0
0
Fetch
General
Full URL
https://www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_video
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.233.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-233-122.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

AdplayerServlet
displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/ Frame 0E5A
13 KB
14 KB
Script
General
Full URL
https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=10&inscreen_functionality=true&smart_polite=true&play_behaviour=overlay&stg_node_id=adtoox-ad135749&click_macro=insert_click_macro_here
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.49.180 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-49-180.sa-east-1.compute.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
897192a3fd49346c633e9973b66afc1d560d7398e36cc8f4f6aeac5ab467926e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Expires
-1
beacon.js
sb.scorecardresearch.com/ Frame 0E5A
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 03:43:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34673
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
rB_RQGgg8Wg2xBH7RHrIoSfHerfp6kLfpZz3y8M-oGQoXzf1vkdGzg==
truncated
/ Frame 0E5A
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e957450e92956c6674b71c73dfaf813b537dce3c02c6d724ca9205672017a5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
container.html
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C1F
6 KB
3 KB
Document
General
Full URL
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 13:21:15 GMT
expires
Tue, 13 Dec 2022 13:21:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b
sb.scorecardresearch.com/ Frame 0E5A
0
336 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1639401676584&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2Fefd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fwww1.folha.uol.com.br%2F
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
bc3U_XUTy95eJ930Hg-32BaMJ3dS5woCVLtWA5XGavlLFfVW2fUjQw==
x-cache
Miss from cloudfront
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0C1F
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 11:17:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 11:17:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C1F
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:21:16 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
775 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
22061
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
JaB2VZccswddTqwJ7/mcediCDg0wFFInP8HOv6ivSWhba0pfTqAJTJNmShXPe3AZIWkTu7d0lpI=
x-served-by
cache-fra19120-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1639401677.637618,VS0,VE0
date
Mon, 13 Dec 2021 13:21:16 GMT
x-amz-request-id
DM4W3S4YY3F5F4G8
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
67
x-cache-hits
22681
view
securepubads.g.doubleclick.net/pcs/ Frame 0C1F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsub9KiokNssZFX7NRpEtxZ8FD5bBROKxHe-TjEdSHokt_lGJG4BMiqUFRGfgysPcB0JTAXFeReKLO61g2EZLyAa57f1FzXWPzfTX2ki0-qexyvYPpyhNgtrcmRZUUK2aa-1xPej_2J7MzQuno1GuZ-UoNnhbP_1CTnKKkuTnZlKV6NOp9PEn5xq_lhoKl6PffPb7-dw6W_vuArKFccmjJIufqo9HvptyuHIvjlqq58LRug140JFonzXT4hneheKcgHVD0NvhwfRNhyobB-Y4wNzS1e-YRzlwi0g3k3ATMDlT_U6Pj01kz58qQzetoCSMvPUZPba5A&sig=Cg0ArKJSzCYQiciNl4bsEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_videoo
www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/ Frame 0C1F
0
0
Fetch
General
Full URL
https://www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_videoo
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.233.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-233-122.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

AdplayerServlet
displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/ Frame 0C1F
13 KB
14 KB
Script
General
Full URL
https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=36&inscreen_functionality=true&smart_polite=true&play_behaviour=expand&stg_node_id=adtoox-ad196237&click_macro=insert_click_macro_here
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.49.180 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-49-180.sa-east-1.compute.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
6405aec2f2c2ab8afbb8b6b53cc9644816f8cce45f48fd848e9d78019e6bdf9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Expires
-1
beacon.js
sb.scorecardresearch.com/ Frame 0C1F
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 03:43:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34673
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
VLyBBCpTl4wToIsvEmE39tmD9GFVp_rrFd8SpvzlzYJYyQP2nZwgDg==
truncated
/ Frame 0C1F
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
967031013f3c352cb75363c6446b66a979d5a97243f230b26368e5a4d22a9281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
b
sb.scorecardresearch.com/ Frame 0C1F
0
335 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1639401676665&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2Fefd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fwww1.folha.uol.com.br%2F
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:16 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
FeqeY3N3KIdvLp01wlhdsZ-JBPFVs7pinzLwp4Vo528OPIo9WNr69g==
x-cache
Miss from cloudfront
Folha_Grafico-Regular.woff2
static.folha.uol.com.br/fonts/hunting/folha-grafico/ Frame 68C2
19 KB
19 KB
Font
General
Full URL
https://static.folha.uol.com.br/fonts/hunting/folha-grafico/Folha_Grafico-Regular.woff2
Requested by
Host: estudio.folha.uol.com.br
URL: https://estudio.folha.uol.com.br/ads/css/app.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
alunosonline.com.br
Software
nginx /
Resource Hash
11a53e846f05b00ab8809a02d72580090c0dbfce59e6eefd4c159d70461b88c3

Request headers

Referer
https://estudio.folha.uol.com.br/
Origin
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
via
CacheUOL
last-modified
Mon, 27 Jan 2020 18:27:09 GMT
server
nginx
age
922440
etag
"aa2505-4b0c-59d2341541940"
x-cache
HIT
x-varnish
133759019 198116694
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19212
expires
Tue, 13 Dec 2022 13:21:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 68C2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmR3Vyp3j4g7LyB8VZWp8cBDkSKkB4WJyHfummUX5fcDuBoxBsjNG-SWYmgvwcCWaOFV9bS_hiNfvnT2OFBaGOtMER6DoEzD8AWK8vv9IQcFWA8NBkafa2egwPRjUNFV1MalHuGFUzooANBV157-jpAed7hrCZjwPx5rww1TIOImwTiqQb3zght7Dr8SEwsOntqawJEcXNPyfjD6tWiDJpqmTZPumbgVzAPMRCBR_1Xidpl2xqfS2nhAJ-8rpSbqAKhghi91Amfd8-INCNDLU4IwilBm3rHQBiWdHksd0P7KutfYEqk8SbipAOGmPyflVV6cGdapU&sai=AMfl-YRgqeM3E7HmhpFjnFIexrmsVW_knU76RnENLriwoDxmwyCcJ373S_Jy7nUZZ-nek_AdwUzUx0-4LYCZ55T4HhEj1WUjgCPXTgzH35_7Rbe0EcRNioU6H_FeViiONoEM&sig=Cg0ArKJSzEyOCSoisuOhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 13:21:17 GMT
beacon.js
sb.scorecardresearch.com/ Frame 68C2
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 03:43:24 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
34674
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9Q479fIPETqzt8JmgeHcEaN7Iaap1PVEVDn6P2efa7j-KF0sv6O98w==
truncated
/ Frame 68C2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0837563b174e20d1adbd2e2a07c3375b2b82a5d889b2ff61cc570bda78b783be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
b
sb.scorecardresearch.com/ Frame 68C2
0
336 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1639401677030&ns_c=UTF-8&ns_if=1&cv=3.5&c8=SafeFrame%20Container&c7=https%3A%2F%2Fefd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&c9=https%3A%2F%2Fwww1.folha.uol.com.br%2F
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-75.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
6DRq5V7eF9cXNstuOgrGhobu86lL8-OdGRTLRdLeFMGhJ8SBGKQP2A==
x-cache
Miss from cloudfront
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211213-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
442
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
UVmmKgrr59RLDNkWc9ljQhUFzf/0XaQHRaC5dokKQDMiPs1zGp86+/SIrSiyVtam3fMLXn9IoGU=
x-served-by
cache-fra19120-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1639401677.441033,VS0,VE0
date
Mon, 13 Dec 2021 13:21:17 GMT
vary
Accept-Encoding
x-amz-request-id
DM4HV04AKP3AJ8JZ
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
67
x-cache-hits
3677
/
pips.taboola.com/
64 B
245 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
cae87a091fc40b6d12c3a5bc83c64c648d0a50e10e95da4a6a33a6574e1528d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19173-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www1.folha.uol.com.br
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 29CF
375 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.dynad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126530
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:21:17 GMT
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a&uad=c1c70a79df9c14bb520a9172fea9444a9161a9470b819a3b7172e9f5330977a6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www1.folha.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 13 Dec 2021 13:21:17 GMT
Cache-Control
no-store
Server
nginx
Connection
close
truncated
/ Frame 29CF
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
bridge3.491.0_pt_br.html
imasdk.googleapis.com/js/core/ Frame 5A90
596 KB
194 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.491.0_pt_br.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba55fdfb610eb4e610eaddf226c00d8a5d50fcc4f6ad724be4b0fec54a2184b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.dynad.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198277
date
Fri, 10 Dec 2021 04:37:49 GMT
expires
Sat, 10 Dec 2022 04:37:49 GMT
last-modified
Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
290608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 29CF
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.dynad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Dec 2021 13:21:17 GMT
integrator.js
adservice.google.com/adsid/ Frame 29CF
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.dynad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 15B4
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.dynad.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 12:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:35:03 GMT
AdplayerServlet
displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/ Frame 0E5A
9 KB
9 KB
XHR
General
Full URL
https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=get_player_div&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=10&inscreen_functionality=true&smart_polite=true&play_behaviour=overlay&stg_node_id=adtoox-ad135749&click_macro=insert_click_macro_here&overriding_initial_first_party_seq=f73437fd-82e2-4063-9033-00f0f623e1f2
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=10&inscreen_functionality=true&smart_polite=true&play_behaviour=overlay&stg_node_id=adtoox-ad135749&click_macro=insert_click_macro_here
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.49.180 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-49-180.sa-east-1.compute.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
40b0a874f188fc1192a5e55c572e0dd8163710a558d1cde5119b389ddc0ee99b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:18 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8714
Expires
-1
style_970x250_1.css
global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/css/ Frame 0E5A
33 KB
11 KB
XHR
General
Full URL
https://global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/css/style_970x250_1.css
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=10&inscreen_functionality=true&smart_polite=true&play_behaviour=overlay&stg_node_id=adtoox-ad135749&click_macro=insert_click_macro_here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
65eea2ca83c0016cbc5ffd5a913a2854ca7911db76f0e5421ae428f628efba92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
br
last-modified
Fri, 17 Jan 2020 15:50:27 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5e21d7c3-8525"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
*
expires
Mon, 20 Dec 2021 13:21:17 GMT
AdtooxBanner.min.js
global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/js/ Frame 0E5A
252 KB
65 KB
XHR
General
Full URL
https://global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/js/AdtooxBanner.min.js
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=10&inscreen_functionality=true&smart_polite=true&play_behaviour=overlay&stg_node_id=adtoox-ad135749&click_macro=insert_click_macro_here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
75f4c29c316624f4b79ee8a7b81c6a216e5f99440ab5bfbcc9b90a0c45926066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
br
last-modified
Fri, 17 Jan 2020 15:50:31 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5e21d7c7-3ee44"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
*
expires
Mon, 20 Dec 2021 13:21:17 GMT
plugin
se-de-fr-ect.adtooxcloud.com/ectracker/ Frame 0E5A
44 B
492 B
Image
General
Full URL
https://se-de-fr-ect.adtooxcloud.com/ectracker/plugin?len=30&cc=1MKCT30BR001&cc_id=178303315&bc=9035&seq=f73437fd-82e2-4063-9033-00f0f623e1f2&rnd=2071249068&res=autoplay&tag1=970x250&tag2=script_tag_loading&custom_id=undefined&tag3=overlay
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
213.136.34.196 Stockholm, Sweden, ASN8473 (BAHNHOF www.bahnhof.net, SE),
Reverse DNS
h-213-136-34-196.NA.cust.bahnhof.se
Software
Apache-Coyote/1.1 /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
No-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
44
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5A90
22 KB
4 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=%2F8804%2Ffolha%2Fin-article%2Fcotidiano&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26t%3D3%26swgt%3Dsub_na%26origin%3Dwww1%20folha%20uol%20com%20br%20cotidiano%202021%2012%20sites%20do%20ministerio%20da%20saude%20e%20do%20conecte%20sus%20saem%20do%20ar%20apos%20suposto%20ataque%20hacker%20shtml%20utm%20source%20twitter%20utm%20medium%20social%20utm%20campaign%20comptw%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&correlator=2161237419970513&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&vpa=auto&vpmute=1&sdkv=h.3.491.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=94654266&sdk_apis=2%2C8&sid=3EEE84B7-6F20-4603-9273-EB08F559743F&nel=0&eid=44715336%2C44725355%2C44737475&top=https%3A%2F%2Fwww1.folha.uol.com.br%2F&url=https%3A%2F%2Fs.dynad.net%2Fstack%2F928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html&ref=https%3A%2F%2Fwww1.folha.uol.com.br%2F&dt=1639401677719&scor=2717403492102457&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_pt_br.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9702799b89a8e03716c55455d22566414e22fc88a1292f2c889515a0b34f9dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3878
x-xss-protection
0
google-lineitem-id
5849912771
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373774940
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdplayerServlet
displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/ Frame 0C1F
8 KB
9 KB
XHR
General
Full URL
https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=get_player_div&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=36&inscreen_functionality=true&smart_polite=true&play_behaviour=expand&stg_node_id=adtoox-ad196237&click_macro=insert_click_macro_here&overriding_initial_first_party_seq=10a235e9-bc8e-406a-a612-a16d78795982
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=36&inscreen_functionality=true&smart_polite=true&play_behaviour=expand&stg_node_id=adtoox-ad196237&click_macro=insert_click_macro_here
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.94.49.180 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-49-180.sa-east-1.compute.amazonaws.com
Software
WildFly/10 / Undertow/1
Resource Hash
65b8bf38e11c6bf8a8628a59400588f356e6ed3606504ac7ad3d60ac247080a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:21:18 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Expires
-1
style_300x250_mobile.css
global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/css/ Frame 0C1F
33 KB
11 KB
XHR
General
Full URL
https://global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/css/style_300x250_mobile.css
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=36&inscreen_functionality=true&smart_polite=true&play_behaviour=expand&stg_node_id=adtoox-ad196237&click_macro=insert_click_macro_here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4a62ab577329786aba0873d73657bb8de940dcf434ebc5e44590ca4f318b37e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
br
last-modified
Fri, 17 Jan 2020 15:50:22 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5e21d7be-8215"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
*
expires
Mon, 20 Dec 2021 13:21:17 GMT
AdtooxBanner.min.js
global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/js/ Frame 0C1F
252 KB
65 KB
XHR
General
Full URL
https://global-assets.adtooxcirrus.com/155859475_45a60fd86ba2652dc8d7ba3288d159bc_155859476.zip/unzip/adplayer-package_17-01-2020_15-18/lib/js/AdtooxBanner.min.js
Requested by
Host: displaycompiler.adtooxcirrus.com
URL: https://displaycompiler.adtooxcirrus.com/adplayer-distributor-war-1.65.0/AdplayerServlet?action=GET_JS_FOR_SCRIPT_TAG&vast_url=https://global-assets.adtooxcirrus.com:443//178308327_7ba6838a095fcd7bb831c1bbcacf7bb7_178308328.xml?access-token=UpC9PirkP7vLexjc1NhRZ-3aManY7ATQYCfb3GVKBiLNDH-0YqJxBCgVoOo0a-AwSR4OtSv4EmxzvkQFst6S9RSzvF_KX-RzqYq4ofjD5MY&player_layout_type=36&inscreen_functionality=true&smart_polite=true&play_behaviour=expand&stg_node_id=adtoox-ad196237&click_macro=insert_click_macro_here
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
75f4c29c316624f4b79ee8a7b81c6a216e5f99440ab5bfbcc9b90a0c45926066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:17 GMT
content-encoding
br
last-modified
Fri, 17 Jan 2020 15:50:31 GMT
server
keycdn-engine
x-edge-location
defr
etag
W/"5e21d7c7-3ee44"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-headers
*
expires
Mon, 20 Dec 2021 13:21:17 GMT
plugin
se-de-fr-ect.adtooxcloud.com/ectracker/ Frame 0C1F
44 B
492 B
Image
General
Full URL
https://se-de-fr-ect.adtooxcloud.com/ectracker/plugin?len=30&cc=1MKCT30BR001&cc_id=178303315&bc=9035&seq=10a235e9-bc8e-406a-a612-a16d78795982&rnd=1258875121&res=autoplay&tag1=300x250_mobile&tag2=script_tag_loading&custom_id=undefined&tag3=expand
Requested by
Host: efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
URL: https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
213.136.34.196 Stockholm, Sweden, ASN8473 (BAHNHOF www.bahnhof.net, SE),
Reverse DNS
h-213-136-34-196.NA.cust.bahnhof.se
Software
Apache-Coyote/1.1 /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
No-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
44
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0C1F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhoTj6pBHl9YySqZqbLWeWy_bhyGGNUxBnEazxDVLkLryetHIBy9aHR7IaqBDk2jfS8aujMrTn8Gc8h6lKlHcq-wEmLqqNQjCOn95gVlrtapoRdI4xFaTqYmRR0lJYN98kzG2NHDvoe7FLlaXjHI_Qi0nsBaQVJWWE99J-Q3bjoDIy1FVUKIXg8ZoDFl-KGu5wRqv9sVRFWdgpnIWqayAglnlXP6v7kTHFpvRH6BzOpPzBSL_JdXk7PEJQ_TAs936f9Q9rYsXfT__WSueoyjKcFwu_FhhQU0NHgi7Xp264VoDPoth83Tg7Zw7uSJ1Gcg359Ysz8nfV&sig=Cg0ArKJSzB-hRJAWtgK3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 13:21:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E5A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvqMh-hs504sYWMYPDd9GKHAS68W9CkNX7Lf7hzVCaM-yxmrWqWUpBzaNseEfF6l0Xobp4mWpTtHQhidOiT4EPruqzwhKpbnbNUiVdjj5FYuxAjLfNrLlB7qA4DRiyO_yVVh9XBy2JQ5_VwAz5Iv4QgNyUiUr1aT60IcRI2Fuam8v2Rx--hMAOMByjVFrc5Ie9ezXHFoPaIuuiPudGDrBZ_7Y2k9kV0_pzot0rRSEr3XYph4UN3R-6uHfeU6_CtUG7RJ42FkMu37ek-WSAqvR_OmMVGBOxbTpt-_hBPI-wvN7lO8obZmysQ_uYE-Y7G8YuY6uzw9j5&sig=Cg0ArKJSzCWIIIGvvUyrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:21:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 13 Dec 2021 13:21:17 GMT
truncated
/ Frame 0E5A
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba9fc9624e57831b2d1db24a54c4f8e0670760bd8f7b2ca1a83f9930ff6f2b64

Request headers

Referer
Origin
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
font/woff
178307970_5b72fa89a86b8537004d2100b4b87db1_178307971.jpg
global-assets.adtooxcirrus.com// Frame 0E5A
27 KB
28 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178307970_5b72fa89a86b8537004d2100b4b87db1_178307971.jpg?access-token=yWJX1IYMZ2O7xvMUU6xpMDPFWFTIDaJ2P-qgUm7JHVTgfutzjTWaRlvOAnOvE9gJz8GVm3nCJ-PyRD_p01kqWBSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
4273203cb3c82d870688f268b25b8af0090c0e7ba38483b94d682e71e04a17d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:01:39 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0903-6d03"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
27907
expires
Mon, 20 Dec 2021 13:21:18 GMT
178307972_2c6b17a9da06923d7cc344d07304f081_178307973.jpg
global-assets.adtooxcirrus.com// Frame 0E5A
11 KB
11 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178307972_2c6b17a9da06923d7cc344d07304f081_178307973.jpg?access-token=teOi3fzplH-rnJyLHFBzR-U0P8p4fGrAWviS9TsrSGbyF5Or3BscoeWRmUlQDWdzGor0YNLI5egFySIglXj8ehSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
374f06eefdd3f993de5cc6e3fd1646f34b73fd6f91118c7e6a21575cdc4ae541

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:01:40 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0904-2be8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
11240
expires
Mon, 20 Dec 2021 13:21:18 GMT
178307968_0b34b74be813f2c247eb90129424e8e8_178307969.jpg
global-assets.adtooxcirrus.com// Frame 0E5A
3 KB
3 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178307968_0b34b74be813f2c247eb90129424e8e8_178307969.jpg?access-token=si0KM3TRF2QXWVVkUFSDQD1EhMQG6FVMXoiYVVMLhc8zS9JXU5zfryiqwyTD2XnICgkOF3ofT-BDYyAPnX_TmxSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
050e9889d9509e3aac647f21f144adf55b049dcfd0e7a98864b2b64ddf65da6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:01:39 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0903-b24"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
2852
expires
Mon, 20 Dec 2021 13:21:18 GMT
truncated
/ Frame 0C1F
3 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
font/woff
178308138_5a7dfbb2a5e5cdb30b5dfe8f0adc3aec_178308139.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
14 KB
14 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308138_5a7dfbb2a5e5cdb30b5dfe8f0adc3aec_178308139.jpg?access-token=jZ17TZnLw7m3gw2EJ3Ogx1WOj1qas36KtLj6LeJOrqmMoLnmK7wa1z26UJLzS38rFgf-O3JZbwfZNbsP3Ey3tBSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b2655ab5046b01104ebe35031fd71eb3cf4dbcb9c4c7084bd974f3838272234c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:08:31 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a9f-3897"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
14487
expires
Mon, 20 Dec 2021 13:21:18 GMT
178308142_65d55c371ed3162b0beecd99e0ee2f91_178308143.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
15 KB
16 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308142_65d55c371ed3162b0beecd99e0ee2f91_178308143.jpg?access-token=uNu2fOz2VtjDgUo0oR5fORekuO4HYN_Boq4TZwmpTqY7-rjf7glgnrT1sMYdCNNwgbJZh53yPZTfLeos7TvRQBSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e6e826dedd2a56d4a81ad8b2a0bd469f1cce4605aac34fe972bcaf93796d44cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:08:11 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a8b-3d88"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
15752
expires
Mon, 20 Dec 2021 13:21:18 GMT
178308140_cdaebd3b26de72c297261f66b95505f8_178308141.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
1 KB
2 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308140_cdaebd3b26de72c297261f66b95505f8_178308141.jpg?access-token=7_sOMth2lzUsaUWKuk7gTonpH9LBx0U8EZWwD6iIGxUw0UqRm4ZE_Gvv87c7OTsZZF7eC0Ap_rojsHffpLE73xSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
633a1ba9bbd81f81af605df3ed6a876bb7fb6ee3a5de716df21c227baeb39394

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:08:10 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a8a-5dc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
1500
expires
Mon, 20 Dec 2021 13:21:18 GMT
178308144_c81e74b2d4907ffcad99383d5355eaf7_178308145.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
19 KB
19 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308144_c81e74b2d4907ffcad99383d5355eaf7_178308145.jpg?access-token=uqsZP0G36SxHyxYgvg5W21iG1pFk-n9JM0FSs4pCP066xsG_Lw35QBzWloD4A9Kv79nCGseK-6fXMej6s60bKxSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
14423f2cf05c58448d1beed41d420fbb94644ff34c3586d6bde079debd671689

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:08:12 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a8c-4b8c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
19340
expires
Mon, 20 Dec 2021 13:21:18 GMT
plugin
se-de-fr-ect.adtooxcloud.com/ectracker/ Frame 0C1F
44 B
492 B
Image
General
Full URL
https://se-de-fr-ect.adtooxcloud.com/ectracker/plugin?len=30&cc=1MKCT30BR001&cc_id=178303315&bc=9035&dur=1&seq=10a235e9-bc8e-406a-a612-a16d78795982&rnd=1180944994&res=autoplay&tag1=300x250_mobile&custom_id=undefined&tag3=inbanner&cache_buster=194573
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
213.136.34.196 Stockholm, Sweden, ASN8473 (BAHNHOF www.bahnhof.net, SE),
Reverse DNS
h-213-136-34-196.NA.cust.bahnhof.se
Software
Apache-Coyote/1.1 /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
No-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
44
Expires
Thu, 01 Jan 1970 00:00:00 GMT
178307907_fd19096ca7d9f5679b13d724558458f4_178307908.webm
global-assets.adtooxcirrus.com// Frame 0E5A
144 KB
0
Media
General
Full URL
https://global-assets.adtooxcirrus.com//178307907_fd19096ca7d9f5679b13d724558458f4_178307908.webm?access-token=c64u1W4e8XqYVdIuV9YWsD5dlZhy9bY7ziy39_4K-ravwLunPuQE0lzdKn8IdSwsG1_CWY0CaebeV9DwRlvTJg6pqLltHzzkCYY6GOnTAnw
Requested by
Host: t.co
URL: https://t.co/vavbHZiQMK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash

Request headers

Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 13 Dec 2021 13:21:18 GMT
last-modified
Wed, 10 Nov 2021 18:08:23 GMT
server
keycdn-engine
access-control-allow-origin
*
x-edge-location
defr
etag
"618c0a97-a4f31"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
video/webm
Content-Range
bytes 0-675632/675633
cache-control
max-age=604800
access-control-allow-headers
*
Content-Length
675633
expires
Mon, 20 Dec 2021 13:21:18 GMT
plugin
se-de-fr-ect.adtooxcloud.com/ectracker/ Frame 0E5A
44 B
492 B
Image
General
Full URL
https://se-de-fr-ect.adtooxcloud.com/ectracker/plugin?len=30&cc=1MKCT30BR001&cc_id=178303315&bc=9035&dur=1&seq=f73437fd-82e2-4063-9033-00f0f623e1f2&rnd=585723062&res=autoplay&tag1=970x250&custom_id=undefined&tag3=inbanner&cache_buster=997971
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
213.136.34.196 Stockholm, Sweden, ASN8473 (BAHNHOF www.bahnhof.net, SE),
Reverse DNS
h-213-136-34-196.NA.cust.bahnhof.se
Software
Apache-Coyote/1.1 /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
No-cache
Date
Mon, 13 Dec 2021 13:21:17 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
44
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E5A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYtforGgl8dC0BTEZBIIMXnZiHcwTL7Cbv19NBPSA2tmXgJaA-kEw9G48tKO4hNk7KHXhRrxxvjvQ5EoGmk8ElIJUGoy31Xg4tAGNtWAdLCy4XKREa&sig=Cg0ArKJSzA-LPZ8-z-AFEAE&id=lidar2&mcvt=1000&p=218,315,468,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2229936766&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639401676479&rpt=1380&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:21:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plugin
se-de-fr-ect.adtooxcloud.com/ectracker/ Frame 0C1F
44 B
492 B
Image
General
Full URL
https://se-de-fr-ect.adtooxcloud.com/ectracker/plugin?len=30&cc=1MKCT30BR001&cc_id=178303315&bc=9035&dur=2&seq=10a235e9-bc8e-406a-a612-a16d78795982&rnd=1652262649&res=autoplay&tag1=300x250_mobile&custom_id=undefined&tag3=inbanner&cache_buster=432651
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
213.136.34.196 Stockholm, Sweden, ASN8473 (BAHNHOF www.bahnhof.net, SE),
Reverse DNS
h-213-136-34-196.NA.cust.bahnhof.se
Software
Apache-Coyote/1.1 /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
No-cache
Date
Mon, 13 Dec 2021 13:21:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control
no-cache
Content-Type
image/gif
Content-Length
44
Expires
Thu, 01 Jan 1970 00:00:00 GMT
178308138_5a7dfbb2a5e5cdb30b5dfe8f0adc3aec_178308139.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
14 KB
14 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308138_5a7dfbb2a5e5cdb30b5dfe8f0adc3aec_178308139.jpg?access-token=jZ17TZnLw7m3gw2EJ3Ogx1WOj1qas36KtLj6LeJOrqmMoLnmK7wa1z26UJLzS38rFgf-O3JZbwfZNbsP3Ey3tBSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b2655ab5046b01104ebe35031fd71eb3cf4dbcb9c4c7084bd974f3838272234c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:21 GMT
last-modified
Wed, 10 Nov 2021 18:08:31 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a9f-3897"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
14487
expires
Mon, 20 Dec 2021 13:21:21 GMT
178308140_cdaebd3b26de72c297261f66b95505f8_178308141.jpg
global-assets.adtooxcirrus.com// Frame 0C1F
1 KB
2 KB
Image
General
Full URL
https://global-assets.adtooxcirrus.com//178308140_cdaebd3b26de72c297261f66b95505f8_178308141.jpg?access-token=7_sOMth2lzUsaUWKuk7gTonpH9LBx0U8EZWwD6iIGxUw0UqRm4ZE_Gvv87c7OTsZZF7eC0Ap_rojsHffpLE73xSzvF_KX-RzqYq4ofjD5MY
Requested by
Host: www1.folha.uol.com.br
URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
633a1ba9bbd81f81af605df3ed6a876bb7fb6ee3a5de716df21c227baeb39394

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:21:21 GMT
last-modified
Wed, 10 Nov 2021 18:08:10 GMT
server
keycdn-engine
x-edge-location
defr
etag
"618c0a8a-5dc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
*
content-length
1500
expires
Mon, 20 Dec 2021 13:21:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ivccf.ivcbrasil.org.br
URL
https://ivccf.ivcbrasil.org.br/i?stm=1639401674969&e=pv&url=https%3A%2F%2Fwww1.folha.uol.com.br%2Fcotidiano%2F2021%2F12%2Fsites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml%3Futm_source%3Dtwitter%26utm_medium%3Dsocial%26utm_campaign%3Dcomptw&page=Ataque%20hacker%20tira%20do%20ar%20sites%20do%20Minist%C3%A9rio%20da%20Sa%C3%BAde%20e%20do%20Conecte%20SUS%20-%2010%2F12%2F2021%20-%20Cotidiano%20-%20Folha&refr=https%3A%2F%2Ft.co%2F&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=125&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=c657b0c7-44d4-4790-ae0c-548d667130a1&dtm=1639401674967&vp=1600x1200&ds=1600x7960&vid=1&sid=da73e18d-5595-414e-b90d-dd8e88a40095&duid=1f3cee2d-82df-4d10-8806-daff55423530&fp=2672463103
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198190/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1167077f0cb0a08;misc=1639401675710;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147073/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=204641eeb4d629a;misc=1639401675713;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198191/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=29b84809408a0dd;misc=1639401675716;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147074/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=38cbde257563994;misc=1639401675719;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198192/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5543533419988e7;misc=1639401676134;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147072/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5639764cb93ab1d;misc=1639401676145;

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| universal_variable object| _sf_async_config number| _sf_startpt object| prevent_sf_async_config object| uolads object| UOLPD object| _cbq object| _cb_shared object| _cbm object| _taboola object| ReadSpeakerDefer boolean| ReadSpeakerJIT string| mod object| rspkr object| rs object| ReadSpeaker object| dataLayer object| core object| __core-js_shared__ object| firebase object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore string| idx function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| regeneratorRuntime function| setImmediate function| clearImmediate function| P object| lazySizes object| paywallDigital object| paywallIsLogged object| paywallDataPromise object| modalDropInstances boolean| modaDropIsOpen object| folhaUtils object| paywall object| GlobalIvcNamespace function| ivc string| urlApp object| config function| openRequestPermissionDialog function| getStatus function| setCookiePush function| requestPermissionFirebase function| getRegToken function| setTokenSentToServer function| isTokenSentToServer function| subscribeTokenToTopic string| urlNotOriginal string| urlNot function| taboolaPush number| taboola_view_id string| prop boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| udm_ object| ns_p object| COMSCORE function| _getWindow function| _camelCase function| _fcamelCase function| _trim function| _getCss function| _getSize function| _scrollXY function| _addEvent function| _removeEvent object| $rs object| Snowplow object| UrlCache object| SUBSCRIPTIONS object| SWG object| _pmk function| TBWidgetFacebook function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| yi object| _pm_mcg function| agora_append_comments function| agora_build_comments_details function| guia_append_comments function| guia_build_comments_details object| folha function| Hammer function| fbAsyncInit object| rsConf object| eventAfterResizeTime function| _expand function| _animate function| readpage function| rshlexit function| rshlinit function| rshlsetContent function| rshlsetId function| rshlsync function| rshlcontinue object| __twttrll object| twttr object| __twttr object| FB object| tiktokEmbed function| triggerUOLTM object| pbjs object| __configuredDFPTags object| googletag object| __dfpAsyncRenderingCallbacks boolean| adoptHideAfterConsent object| _ttprofiles object| DYNAD_TV object| placementData string| nam function| audCountClick function| rewriteBarraUOL string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| TTTagManager function| TTTagManagerError object| _ttq_tt_fsp object| ggeac object| google_js_reporting_queue object| _ttq_tt_uol string| consentStatus string| disclaimerStatus function| pbjsChunk object| _pbjsGlobals object| _tfa undefined| google_measure_js_timing boolean| __servicesRequest boolean| gllConfigured object| __dfpEvent object| googleToken object| googleIMState function| processGoogleToken object| cmTag number| google_unique_id object| gaGlobal string| GoogleAnalyticsObject function| ga function| uolAnalytics function| hitOmniturePhoto function| hitOmniture function| webpackHotUpdate function| startCMTagMain number| __countRenderedSlots number| __slotsLoadTime number| __averageSlotsLoadTime object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_data object| gaplugins object| gaData boolean| folha_ads object| _cm_wfCounters object| consentResult boolean| thirdPartyCookie string| _dt_dynad_5550010343_16394016759191073485753 object| _tp_dynad_5550010343_16394016759191073485753 function| _DADB_5550010343_16394016759191073485753 function| _DAFIFO_5550010343_16394016759191073485753 string| DYNAD_TV_IMPLEMENTATION object| _is_mobile_dynadtv_ object| _dd_st_vl_16394016759191073485753 function| DYNAD_TV_ElementWatcher string| k

33 Cookies

Domain/Path Name / Value
www1.folha.uol.com.br/cotidiano/2021/12 Name: _gada_ses.f7f2
Value: *
www1.folha.uol.com.br/cotidiano/2021/12 Name: _gada_id.f7f2
Value: 1f3cee2d-82df-4d10-8806-daff55423530.1639401675.1.1639401675.1639401675.da73e18d-5595-414e-b90d-dd8e88a40095
www1.folha.uol.com.br/cotidiano/2021/12 Name: privAu
Value: 0
www1.folha.uol.com.br/cotidiano/2021/12 Name: loggedpaywall
Value: 1
.adtooxcloud.com/ectracker Name: uid
Value: "6d40eb07-8346-4306-aeb5-30594f731066"
.t.co/ Name: muc
Value: 07ea0aa0-1b56-45ca-9c63-90c08c820836
.t.co/ Name: muc_ads
Value: 07ea0aa0-1b56-45ca-9c63-90c08c820836
www1.folha.uol.com.br/ Name: _cb_ls
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1G6CUG2UR4JD31COSJIOSLg1639401675
www1.folha.uol.com.br/ Name: _tb_sess_r
Value: https%3A//t.co/
.google.com/ Name: NID
Value: 511=ZKQbIYfca3BKldRg6KYuU0GrZXCdWnpWhFizT_arNWcy7EzF-k59n2j-VtAfoK3xhEia7wsL6AqkFqYpX8AQU0eSrcVWP5TICDm3Zsx9sAegE1mn1TuA7p9m0aXJhzlgl7W3MsbF2KYLkEy194Gavn75L2QncypMN07v3_YHoGQ
.paywall.folha.uol.com.br/ Name: PHPSESSID
Value: 0edbfa4b43bbde9d898d032664d6499e
www1.folha.uol.com.br/ Name: folha_ga_userType
Value: not_logged
www1.folha.uol.com.br/ Name: folha_ga_loginType
Value: not_logged
www1.folha.uol.com.br/ Name: folha_ga_userGroup
Value: visitor
www1.folha.uol.com.br/ Name: folha_ga_swgt
Value: sub_na
paywall.folha.uol.com.br/ Name: acesso_folha
Value: 3c850565ed306f371bd724ae7f083480
www1.folha.uol.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7cb41445-b6dc-41ae-b4d9-77dd4a5880d0-tuct8b0ce4a
comentarios1.folha.uol.com.br/ Name: PHPSESSID
Value: b41fcd6e007e29b6c8dcf9ef3f0f3905
.t.tailtarget.com/ Name: u
Value: fwAAAWG3SMum2AZjSSbWAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8EvrzPAh1r4z5P2LlQsbyZLOJieikSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFQIhzGqqEKUxOMWpH+S3NzCR
.rubiconproject.com/ Name: khaos
Value: KX4PFGVB-Q-FYYS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqLUYgoHY/Gyq3T44WD0xC8rrUfOpRTiXFyH6GfBxt1tgYMqmcP7HxX86BbLnfgychQALoxX9BWrFww/adD15BgEp7D7tPC1sVSUOwFm0bYXQ==
.uol.com.br/ Name: _ga
Value: GA1.3.1305299269.1639401676
.uol.com.br/ Name: _gid
Value: GA1.3.1501912263.1639401676
.uol.com.br/ Name: _gat_uolMain
Value: 1
.goadopt.io/ Name: VisitorId
Value: 6770553a-feb3-4af7-a55d-ced17cc34dbb
.doubleclick.net/ Name: IDE
Value: AHWqTUn3EV05E0vyqQD8a9Bm5njvAA0bIuTroDDfzxJTeOUz_ZWZvogvQWEJ4IPswC8
.spotxchange.com/ Name: audience
Value: 8d036f86-5c17-11ec-99b0-1093d7b30206
.taboola.com/ Name: t_gid
Value: 6bf364d0-9ddb-4ef2-acb2-3ae05524bd1f-tuct8b0ce4c
.dynad.net/ Name: uid
Value: 236611639401675919
.uol.com.br/ Name: __gads
Value: ID=aa1660bdd9abcb3f:T=1639401675:S=ALNI_MYKJPJDwjVP7a85ZgF33dTWVx_6WQ

15 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147074/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=38cbde257563994;misc=1639401675719;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147074/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=38cbde257563994;misc=1639401675719;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147073/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=204641eeb4d629a;misc=1639401675713;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147073/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=204641eeb4d629a;misc=1639401675713;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198190/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1167077f0cb0a08;misc=1639401675710;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198190/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1167077f0cb0a08;misc=1639401675710;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198191/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=29b84809408a0dd;misc=1639401675716;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198191/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=29b84809408a0dd;misc=1639401675716;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147072/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5639764cb93ab1d;misc=1639401676145;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5147072/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5639764cb93ab1d;misc=1639401676145;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www1.folha.uol.com.br/cotidiano/2021/12/sites-do-ministerio-da-saude-e-do-conecte-sus-saem-do-ar-apos-suposto-ataque-hacker.shtml?utm_source=twitter&utm_medium=social&utm_campaign=comptw
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198192/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5543533419988e7;misc=1639401676134;' from origin 'https://www1.folha.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11583.1/5198192/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5543533419988e7;misc=1639401676134;
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_videoo
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.compassbr.com/sobre-a-compass-gas-e-energia/compass-gas-e-energia/utm_source=folha&utm_medium=video&utm_campaign=1920X1080&utm_id=cosan_compass_video
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
c2shb.ssp.yahoo.com
c3.taboola.com
cdn.taboola.com
cds.taboola.com
comentarios1.folha.uol.com.br
connect.facebook.net
disclaimer-api.goadopt.io
displaycompiler.adtooxcirrus.com
efd66dcb668c7a765e3ee63743d00346.safeframe.googlesyndication.com
estudio.folha.uol.com.br
f.i.uol.com.br
f1-na.readspeaker.com
fastlane.rubiconproject.com
fonts.gstatic.com
gadasource.storage.googleapis.com
global-assets.adtooxcirrus.com
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
imguol.com
imprammp.taboola.com
ivccf.ivcbrasil.org.br
jsuol.com.br
mab.chartbeat.com
match.adsrvr.org
me.jsuol.com.br
news.google.com
pagead2.googlesyndication.com
paywall.folha.uol.com.br
pips.taboola.com
platform.twitter.com
play.google.com
pubads.g.doubleclick.net
s.dynad.net
s0.2mdn.net
s16.tiktokcdn.com
sb.scorecardresearch.com
se-de-fr-ect.adtooxcloud.com
securepubads.g.doubleclick.net
sf-hs-sg.ibytedtos.com
sf16-scmcdn-sg.ibytedtos.com
social.folha.com.br
static.chartbeat.com
static.folha.uol.com.br
stats.g.doubleclick.net
stats1.folha.uol.com.br
stc.uol.com
sync-t1.taboola.com
sync.search.spotxchange.com
syndication.twitter.com
t.co
t.dynad.net
taboola-supply-partners.tremorhub.com
tag.goadopt.io
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
trc.taboola.com
tt-12340-4.seg.t.tailtarget.com
vidstat.taboola.com
widget.perfectmarket.com
www.compassbr.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.tiktok.com
www1.folha.uol.com.br
adserver-us.adtech.advertising.com
ivccf.ivcbrasil.org.br
104.244.42.69
104.244.42.8
13.35.253.75
141.226.224.32
141.226.228.48
142.250.185.66
151.101.1.44
151.101.193.181
185.33.220.244
185.94.180.125
2.16.186.26
200.147.118.15
200.147.36.53
200.187.199.64
213.136.34.196
2600:1f18:612b:4264:3ca:5412:4ba5:20da
2600:9000:2057:1800:18:1fcd:34f:cdc1
2600:9000:206f:a000:6:5b96:3f00:93a1
2600:9000:214f:f800:6:9eb2:5cc0:93a1
2602:803:c003:200::21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:e8
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3101:405:ffff:ffff:ffff:20
2804:49c:3102:405:ffff:ffff:ffff:7
2804:49c:319:430::339
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2010
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:400c:c06::9d
2a02:26f0:6c00::210:ba0b
2a02:6ea0:c400::13
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::714
2a04:4e42:400::300
2a0b:4d07:101::1
34.102.185.99
34.199.233.122
35.157.246.167
52.223.40.198
54.94.49.180
95.101.27.105
95.101.27.8
05014e9ba9ecf14d040f591869688725c5d1c114366aff20d966133612c5298b
050e9889d9509e3aac647f21f144adf55b049dcfd0e7a98864b2b64ddf65da6e
0617cbdf093c2737bddd28c2a414820fff8ffb6b5e7d0912f5265a3b3c94b84a
0837563b174e20d1adbd2e2a07c3375b2b82a5d889b2ff61cc570bda78b783be
095744fa45e2c246e5aed63e5c5d0d7c43025c2ea231e361f6600fa6a0318c31
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d10c2f0d9e8bcbb8443e0a854e165c1064b205fa2b8a135c50e34f81944a202
0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3
11a53e846f05b00ab8809a02d72580090c0dbfce59e6eefd4c159d70461b88c3
128921b242c2b1953c2a1691cfd681f716ecbe620ec1a2424a644b9487c23760
12ea16ca92301bfbfb7528367b182a4fe29f40819dd6156264974b252c2d5150
12f28aa1b725daa4369b9f9eac7f49da87315a9fb4df733a23d91077a74ca69e
13866116cfae36aacc431fe8d72a1ac6353a0436dcd42da11981b41ccf548a14
13adb8c3d1794ac1fc460227e6b0ec385477a8faa6bdc410258464c6fcadd705
13cad5d2aa60f7e2ed1c5439addc8a741567b8289801208e1c55024b22e0d5b9
14423f2cf05c58448d1beed41d420fbb94644ff34c3586d6bde079debd671689
16eac1eb2aae66e8bab630958963fabc35cff3ca7935d724c0de9c5ab32299c4
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1928dc2b2ee127bbc7cbd955ec925315d8fbf150e1db4bea35263b0bb0afc98d
19bdc557340842c66c90953f04cc2f60370ae237353ec0812268b535d60667ee
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1ae8bbb7baf2bcf96f7e2cf9a63b11603ce80e344d19425d4f93241a95fee40e
1c708625bb2a329a0974ba90a387d99441cbb897f1a197ae120f34dda355809a
1e55e647e6f1993ac6a077841a9c88ea455b53e72c60cf9d0e9e7f023e6b82c3
1e957450e92956c6674b71c73dfaf813b537dce3c02c6d724ca9205672017a5a
21066df526698f176cdc99d00c52fcab5531bf5c97bb3d239a19705a69e0ad71
22282658b48cf670d2a4a37cc70aa2cc7a66108de851aff58b096fb4b747748b
23e695a008f7090011a9b9ba81c97968fdf955774e41835ab4986d05708f7edf
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc
29d02dd9b7f49c101bea4f0893ac0aa1e33f53758c52576fbcc3f1837eadcb2a
2d198b653ef0d0dce874660a1e5ce2b05e2a6348cb14b809a5b7a5091a39a001
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dd5b2b6748ebc91627f1e1c06af662323f26766ab0c73bdf40f91a369c212ec
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eca349bb253979f54287e500987c87a4737fffe60d706808c00fc175a5f4b41
305c2c70aab9f5f39bc8cf5ccf9083f5d8ae47e6290379c2f745b3454753511e
312e7c664cee8c126ad1b394f94ba759ecf716b4b1e1631bffdcc9dff4cea106
315f7d379ef6cc1e912e3f7eab92d7a5f0a896b268b00813105fe1c632215c8d
374f06eefdd3f993de5cc6e3fd1646f34b73fd6f91118c7e6a21575cdc4ae541
3782eb9d6004503d7bcbc3f945fa39281eb6c35cbf51cd86edfb68ad6255dc3f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7be00229f1faecde852050b7076154c5e4033c5bec213f53c980f1192a647
3b1ed5740b2fdbb6077dea5980a77e5576772ee73514187985356affbe404197
3ca1c26b425eff60c1f008099d9b0d2297221f122e8547950e8ca8ebdac79e4a
3d08158222067537c592c1c84ae8b8c950007f0c423f7fb92b6e51f7fa375284
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f960551a0cdf760e25293dafc235f63c3afa08ae6a9d3ee7d774deabad8ea34
40b0a874f188fc1192a5e55c572e0dd8163710a558d1cde5119b389ddc0ee99b
4167c604ee5a719f314eebb2329408b3ea76d3e72d09e113f155435e62444d1b
4273203cb3c82d870688f268b25b8af0090c0e7ba38483b94d682e71e04a17d0
42f77311fdc406b042f64b5fb676ac486558f908062e4859a74b396540579e52
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487ef1b1a657ab23c755ec06d8a38d0703dc9d03617b1dfbf017135211cc1fba
4a62ab577329786aba0873d73657bb8de940dcf434ebc5e44590ca4f318b37e4
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50f198c4c8deabd496e3f6674504214a643b120144697fe02126143ed2031eb3
526002150ce50b7a0fe875a32a2bf84ce2e78ce38282f3186eeab4f8aac64a1a
5573265870e5b5354cf67f7ddd4cfdb3c86adff26553e1920194918cef66ff4a
5583a45882a56685cb5ad0e886c4f0103d796b9562939a431e5925614182e16d
5677685741a4251977d6d1e157566f3bb8a8f7a7ce956dd67a844c37eaf1cbd5
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5cae32e1f470d1fd51d427afdd20efc87fd94dc2bfdcc81367343e3585de6d29
5d2f8144e6784319954cd2d272b4e0a186215a21f72bcf0d09058d1e515abc2b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f968c89475d66a0e3eef14a940ed328ce6dbd7f00349ffc72903471c11c874f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c510f44bb9effc293f9d7e0716b4f25e0458c255e6ad4cc1265f5d967e5774
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
633a1ba9bbd81f81af605df3ed6a876bb7fb6ee3a5de716df21c227baeb39394
63c1d5db963f88dce658b71336e6a28cdcecb8d783f7440846eccdfc3bd85890
6405aec2f2c2ab8afbb8b6b53cc9644816f8cce45f48fd848e9d78019e6bdf9e
65b8bf38e11c6bf8a8628a59400588f356e6ed3606504ac7ad3d60ac247080a7
65eea2ca83c0016cbc5ffd5a913a2854ca7911db76f0e5421ae428f628efba92
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68414970e5ebeed5b7e4c413985c9e66ff415c493afc4bf8e64ed24467a14344
6846163ecc308489cad10a3b8b47d6b8d2ff43a63b9d1b71fa944940c07da83d
6aa3bb1654ed0b4d7042dc38187b2cf1bbed6ee16fb3dbb900c1a0c083fa8493
6bffa53025ae2cedbbaaf3ef2f90ea6269d74dcbad9b3f06c775326657f422be
6f06be3f09a5e4d5f0c0fb0b9c38c0e7ea5de6d852841ffc576fbbc9896ade12
6f9339e8087dbb07d2ef630f740e83a576c4d914ff71f9401bc3798b82d5e17f
70cbdd6d70d94aecc94c8f3efffdcd61a16e554061f869b7a55c8b019c6347bd
70dbe5ebcdb8b55d9de74158f2ef7b2772b2a6a0a7143d60d72709020b81f0ac
71e104b47b4702cc4d8b3a0ec06f8320e73b875d815e921a72a31673be9f5da6
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
75f4c29c316624f4b79ee8a7b81c6a216e5f99440ab5bfbcc9b90a0c45926066
7902cade39cc0068b00c4cf52112c36a11c6a94d3619ba872a3e2253c3d52174
7a4cfc6245f989c71dea38e9a2852e9051e809266b1efdcf82df5c1f954b0c59
7e2f04029abafb1d17957d7301479ebd6627314236cf3b7800592f1d6c34c501
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80aaf8f87007d51ed26c959e07b74357f73f280e7a4f17869a92fd1c73bdd2db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85beaf4b225f28a4b626cfd1b1109f0cf582e0eca2e93da820d2daa0ade6e4e9
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
87ea44807d7d9b225c299d01ee912eef00b288af7f3574d4f2c21ec9cbadc9b3
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
896bf7b52bb048f5228753f05212f0eb830a301afb7493c1a6fbd0ae8a03999c
897192a3fd49346c633e9973b66afc1d560d7398e36cc8f4f6aeac5ab467926e
89a9e39906cdeda608497b938b33548d1ed086111a5145122028d420ef10560b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9017dcbbbd80a341b7a9fb91589b3fbda77b1c4fbbcb10d27ecae336bd7f6ebd
90de1fd7bbaa2cd236049300935f5b3bc306f51631361c7ae7305d84d82f836c
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91a7a1a2008d57f6b15cd87f964a0ba62be6c3d721ce20f885b8f5eff2605200
93905108575b6a3e41fef12487cc0a0798f17025afc145fead2f71eea98515a5
939770ea6517e7ba27e40e2c21dbeadd159778bfd4bb54d134c2eb288b7a8815
949576dcfca2db939a5e009ce87a656402a886c6112f05426096ed6c4bb42eb6
96606c8a8b58499f142c84f6b2d56ce20095c41b0cd50594ff6dc80c7d369443
967031013f3c352cb75363c6446b66a979d5a97243f230b26368e5a4d22a9281
96fd2ff90b845a85a793105940f32d9deddba89b5f4d79916e727abc98a72455
9702799b89a8e03716c55455d22566414e22fc88a1292f2c889515a0b34f9dfe
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9bad234cd4ed6c1df185cd5d903315fdfd0893795a9650e40be8de4dc9a5a993
9bf1b2c2494272121524a6c7d3f3b94c1e10783ca0535cf65255209d64f88b4d
9c49f5cd368f0f7f98510bcfaa2a4fedb74d348b9e5532a36a25ddcc8b1dffdd
9db4f551df1248b5789e6513473a14352ce6d1a771aa0f05a19014d01e1f806e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24493d4e17fd50c92628639d864b97ac4c0e37380091a8865b31086386bf266
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4634dd20f48502ffdd571e63784d2a42bc9cd40acb0287c0577ed424daec46b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7baa007c35a2be99bbefd42c149d7bf7d6b38268c7873193d497a08404fe112
a7be7240fe439aa6115b5aef3b2cc52c4cacb9d142ed557d41119988b34dcfff
a89ea1b8cf0d6ac823b99b937074663c7222c0b8f423734df2b4b22f01394389
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aad65e7b2efb171d16e1120f07bc5ee7a9209d0d886dd67cb5adec5183b1dcad
ac3c66fed802eabd0dc110e1727f8f5a66820d021c90aab9af461b64ee5b916b
adb416a0f7956ee11dcf06d4ba66bbcbfb46c1aca567e180a3e9f6c67c8d882c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723
b1077fe05a8a2eae432916d52ad1edce698b5ee5cc97f988a28ffe421f24437a
b2655ab5046b01104ebe35031fd71eb3cf4dbcb9c4c7084bd974f3838272234c
b3380d96fd6d64c525f4b2a8531e191b23e40bea96624f5713c09d31e0aa1860
b6207b851a8889b69ac80ce8ab80da1447884af23c56de6bbc5919bd7dc7c81e
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b7b62f2446d15d4dd07cec4fce5b7b0122d25e9bf003d648fe06c884238b44fe
b95421475a479c62fae8628219833abdc8daea6602f024e91452c616447856c8
ba55fdfb610eb4e610eaddf226c00d8a5d50fcc4f6ad724be4b0fec54a2184b4
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
ba9fc9624e57831b2d1db24a54c4f8e0670760bd8f7b2ca1a83f9930ff6f2b64
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9267a35f1b0c26590e326c316d08ef1d1c3daad8721067a2d0f01401a9921da
c9d9aab53026a6d1146c4363f7bc4ba87a78e3a740b7f390f6e4352020e1c6c3
ca093bc5b18e400067cb18c7f3efead5b4e915d3cd23cd7523ce99188f19c8d4
cac13dc2bb4b603ce92aaff5fcb4d1d6aab5a3357e87bb66d75755d4d8cf6c78
cae87a091fc40b6d12c3a5bc83c64c648d0a50e10e95da4a6a33a6574e1528d3
cda99e455c2a8ac7f16d927187b61cd0c2e8e442d32b30b39ab0a7c2145df726
cdd3ce298d44b81261b5e2156e9529a73c974f0ead62c84b28cf76861ab39dcc
ce4d52171bc885026ff87cfbd134b7a8af9636f7e884a7ffc3a03339eaa1df55
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1327da68c36f48498d5238b23dc4af4075c581a4dff7a8876503b7b11dba780
d4632051f15257ef10881ff1175bfc524a8f9e520d4258f9cd491bba0d6778c2
d5a74380995358a1c9116a783a2a0819237f3e4401aa82bc7f0105e1ecc87453
d98131bed30c97894a8469ba0ee8a21e796ceb0686143245b644b27ce4458eb5
da347fabb14e2490788cbcd14ea24dcaed86736124fa2ddfa5451291e49e663c
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e25140d3ad5020c3929f640f4f1b0be678d5133d8aa16a9c18cb3655df051f3f
e32795cfeef1a2dcc9f0887b6abe5ca3e66f8255e42d778db81a33dd6e84ece9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46f6a4ea2ce525c84061e20456cfd0b6d784cec588c4f059edae62873845eaf
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e6e826dedd2a56d4a81ad8b2a0bd469f1cce4605aac34fe972bcaf93796d44cf
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db5318410d235e626a560cc516c9cb237b1a8c400b8f246c9a75b53e917c6a
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f124f29732727c8c6b214150fccd00790d8e95fc7bd068286c34cef32e4c66e1
f3fd9ceda41e1e915b4938ebada265a9e28c23c922a66d0a1a1b9f89a3ee41cd
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7d18dc71c2cca5cfd7c7b4fbf56ef0bd7e05d43d0b87dcf6aa64a01419c8e8a
fb46933a19e891f12ddd91564c8dab071f4e52f0fb7bc1831bb5daa138268fbe
fbdb6eec6681be6828834cbbef6925d395afbbb85a2016a01e15d3d8ac54bea0
fc133862015e1764b860a26501804c39d3589f3f01b152055f80b12ea421d109
fd71b49b9265833c0089f19d4b3b01df7368504636b840abd582a3aca7b22409
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe6f2f49871d5a611da36647c78cfb182f2ab3dc3ca042d67f22e8f8938ad239